Docstoc

New Zealand Intelligence and Security Documents

Document Sample
New Zealand Intelligence and Security Documents Powered By Docstoc
					New Zealand Intelligence and Security Documents
      INTELLIGENCE ORGANISATIONS AND THE PRIVACY ACT
       REVIEW OF THE PRIVACY ACT 1993 - DISCUSSION PAPER No. 11
      LAW ENFORCEMENT INFORMATION AND RELATED ISSUES
       REVIEW OF THE PRIVACY ACT 1993 - DISCUSSION PAPER No.8
      THE INTELLIGENCE AND SECURITY AGENCIES BILL
       REPORT BY THE PRIVACY COMMISSIONER TO THE MINISTER OF JUSTICE
      THE POSTAL SERVICES BILL
       REPORT BY THE PRIVACY COMMISSIONER TO THE MINISTER OF JUSTICE
      RADIOCOMMUNICATIONS AMENDMENT BILL
       REPORT BY THE PRIVACY COMMISSIONER
      Release of Report on Action Undertaken by the Security Intelligence Service for the Social
       Welfare Department
       Prime Minister Jim Bolger - New Zealand Executive Government News Release 18 June, 1997
      PM WELCOMES MYTH-BREAKING BOOKLET
       Hon Jenny Shipley, Prime Minister - New Zealand Executive Government News Release -
       Wednesday, 8 April 1998




REVIEW OF THE PRIVACY ACT 1993
DISCUSSION PAPER No. 11
INTELLIGENCE ORGANISATIONS AND THE PRIVACY ACT

The Privacy Commissioner is reviewing the operation of the Privacy Act under section 26 of the
Act. The Commissioner will consider whether any amendments to the Act are necessary or
desirable and will report his findings to the Minister of Justice.

This paper is one in a series which will cover the entire scope of the Act and highlight some
issues. To find out which other discussion papers have been released, and to obtain copies of
them, you may contact the Commissioner's office. Copies of the discussion papers will also be
available through the Commissioner's web site.

The Privacy Commissioner welcomes comments on this paper and seeks responses to any
specific questions raised. Submissions should be made in writing and be forwarded to the
Commissioner's office by post or email no later than 3 November 1997.
The Commissioner will hold a series of consultation meetings in the main centres and some
regional cities during November. If you would like to be invited to a consultation meeting please
indicate this with your written submission.

Contact details for consultation

Privacy Act Review 1997

Office of the Privacy Commissioner

P O Box 10-094

Wellington

fax: 04-474 7595 privacy hotline: 0800-803 909 email: privacy@actrix.gen.nz

For general enquiries about the review please speak to the Enquiries Officers at the freephone
number. If you have a more detailed enquiry concerning your submission or the review please
speak to the Codes and Legislation Officer at 04-474 7597.

Background information on the Privacy Act is available on the Internet at:

http://www.knowledge-basket.co.nz/privacy/welcome.htm




INTELLIGENCE ORGANISATIONS AND THE
PRIVACY ACT
Introduction

Fear of state surveillance and secret informers can probably be traced back to the start of
organised societies. The fears have often been well founded as the opening of secret service files
from East Germany and Poland have shown. New Zealand, like other free and democratic
societies, has generally accepted the need for some form of secret state surveillance to guard
against those who would undermine democratic structures. However all democratic societies
have also wrestled with the appropriate legal and administrative controls to ensure that any secret
services remain accountable to those democratic institutions and do not go beyond what is
reasonable to achieve their assigned mandate.

Undoubtedly the work of intelligence and security agencies is a major inroad into our privacy.
The inroad has not diminished following the collapse of most communist states whereas
arguably the need for it has. Many New Zealanders will accept the need for these agencies but
take the view that perceived weaknesses in oversight and control mechanisms provide a
possibility for unnecessary breaches of privacy.
The restrictions on the flow of information necessary to successful intelligence operations limits
the application to intelligence organisations of standard public accountability controls.
Intelligence organisations have been subject to little direct scrutiny from outside the executive
government. There is presently some limited external scrutiny from the Auditor General, the
Ombudsman and Privacy Commissioner, and probably to some limited extent certain other
bodies. The limited brief of the former Commissioner of Security Appeals has recently been
replaced by an Inspector-General of Intelligence and Security with a wider mandate and greater
powers.

Secret surveillance and intelligence gathering creates profound privacy risks for the individuals
affected and society at large. To constrain those risks the Privacy Commissioner has taken the
view that:

      the role of intelligence organisations should be kept to a tight brief and not be allowed to
       stray into areas which can be appropriately managed by normal and open governmental
       and policing activities;
      while the agencies will need to conduct a significant proportion of their work in secret
       there will be areas in which some information can be disclosed publicly, to the
       individuals affected or to oversight bodies, and the greatest degree of openness and
       disclosure should be promoted;
      as far as possible similar accountability mechanisms as apply to other bodies should
       apply to the agencies (perhaps in a modified manner) unless there is a good reason for
       that not to occur; and
      there should be redress for actions of intelligence organisations which breach individual
       rights without justification, including the right to privacy.

This discussion paper focuses exclusively on whether an existing exemption should be narrowed
so as to apply further information privacy principles to intelligence organisations. Material in this
paper (including expressions of the Commissioner's views) is drawn from the Privacy
Commissioner's report to the Minister of Justice on the Intelligence and Security Agencies Bill
(February 1996).

The existing position of intelligence organisations under the Privacy Act

The Privacy Act contains two specific provisions dealing with intelligence organisations:
sections 57 and 81. The term "intelligence organisation" is defined in section 2 to mean the New
Zealand Security Intelligence Service and the Government Communications Security Bureau
(hereafter referred to as the SIS and GCSB).

Section 57 of the Privacy Act provides:

"Intelligence organisations - Nothing in principles 1 to 5 or principles 8 to 11 applies in relation
to information collected, obtained, held, used, or disclosed by, or disclosed to, an intelligence
organisation."
Only the principles dealing with the rights of access to personal information by the individual
concerned (principle 6), the right of the individual concerned to seek correction of personal
information (principle 7) and that relating to unique identifiers (principle 12) apply to
intelligence organisations.

There is a special procedure set out in section 81 in relation to investigations which may be
undertaken in relation to an alleged breach by an intelligence organisation of principles 6, 7 or 12.
Most of the complaints the Commissioner receives and investigates relate to a request for a
review of a decision by an intelligence organisation to refuse access to information that it holds
or to refuse to confirm or deny that it holds any information. The special procedure that applies
under section 81 means that neither the Commissioner (through the Proceedings Commissioner)
nor the complainant may refer a complaint to the Complaints Review Tribunal for determination.
Rather the procedure anticipates the Commissioner conducting an investigation, forming an
opinion, and if the complaint cannot be resolved making a recommendation to the intelligence
organisation and awaiting the organisation's response. If no response is made within a reasonable
time or, after considering any comments made by the intelligence organisation, the
Commissioner may send a copy of his report and recommendations to the Prime Minister. In turn
the Prime Minister may lay a copy of all or part of the report before Parliament.

Extension of other privacy principles to intelligence organisations?

There is always the concern in free and democratic societies as to the surveillance activities of
the state. It is not possible for a concerned citizen to know whether the surveillance activities
being carried out on his or her behalf are excessive or are being properly kept in check. The
secrecy under which the activities are carried out, the various laws limiting public scrutiny for
reasons of national security, and the limited public reporting by oversight bodies, all give rise to
anxieties as to whether intelligence organisations are overstepping the mark between prudent
intelligence gathering to safeguard society and a more sinister "surveillance state". The various
scandals that surface from time to time with overseas intelligence organisations heighten public
concerns.

The Commissioner has expressed the view that it is desirable that the intelligence organisations
adhere to the laws that the rest of society lives by, particularly those relating to respect for human
rights and accountability to democratic institutions, to the greatest extent possible consistent with
the tasks that these agencies are called upon to perform. At the time that the Privacy Act was
enacted in 1993 the Government applied information privacy principles 6 and 7 to intelligence
organisations (although accompanied by a special complaints procedure which is not as robust or
as open as with other agencies). This was essentially the continuation of the access and
correction rights which existed under the Official Information Act 1982. However, the
Government also applied information privacy principle 12 to intelligence organisations.

The Commissioner has suggested that now may be the time to apply more of the remaining
principles to intelligence organisations (subject always to the special investigation procedure
which safeguards any reasonable need for secrecy in relation to complaints investigation and
determination). He has suggested that the need is made more urgent by the recent expansion of
the mandate of the SIS into new areas concerning the security of New Zealand's economic
wellbeing.

The Commissioner's view is that the information privacy principles provide a sound basis for fair
information handling and have clear relevance to intelligence organisations. In particular he
considers that principles 1, 5, 8 and 9 seem appropriate to be applied as an obligation on
intelligence organisations. These principles are seen as particularly suitable as they take account
of the purposes of the agencies concerned, apply standards that are reasonable in the
circumstances, and would not need to be amended to establish any national security exception.

Each of principles 1, 5, 8 and 9 has a relevance in relation to intelligence agencies just as they do
in other contexts. The standards and expectation will vary depending upon that intelligence
context but the principle will provide a guide as to the fair information handling requirements.

Information privacy principle 1 states:

Principle 1

Purpose of collection and personal information

Personal information shall not be collected by any agency unless-

   1. the information is collected for a lawful purpose connected with a

function or activity of the agency; and

   1. the collection of the information is necessary for that purpose.

In the context of the SIS the lawful purpose will be linked to the definition of "security" as set
out in the New Zealand Security Intelligence Service Act 1969.

Q1. Should principle 1 be applied to intelligence organisations?

Information privacy principle 5 provides:

Principle 5

Storage and security of personal intelligence

An agency that holds personal information shall ensure -

        (a) that the information is protected, by such security safeguards as it is reasonable in
       the circumstances to take, against -
                (i) loss; and
                (ii) access, use, modification or disclosure, except with the authority of the
               agency that holds the information; and
                (iii) other misuse; and
        (b) that if it is necessary for the information to be given to a person in connection with
       the provision of a service to the agency, everything reasonably within the power of the
       agency is done to prevent unauthorised disclosure of the information.

Of all the information privacy principles, this would seem to cause least difficulty for
intelligence agencies given their emphasis on security of information held and controls on its
disclosure. However, in some circumstances there may be information about an individual which
the intelligence organisation has a proper reason to hold but which, through a lapse in reasonable
security safeguards or otherwise, is disclosed publicly or to another agency that has no purpose
in receiving the information, thereby harming the individual. An example would be certain
material uncovered in the vetting process.

Q2. Should principle 5 be applied to intelligence organisations?

Information privacy principle 8 provides:

Principle 8

Accuracy, etc, of personal information to be checked before use

An agency that holds personal information shall not use that information without taking such
steps (if any) as are, in the circumstances, reasonable to ensure that, having regard to the
purposes for which the information is proposed to be used, the information is accurate, up to date,
complete, relevant, and not misleading.

It might be thought that some small piece of intelligence may seem of little importance at the
time it is gathered or shortly thereafter and yet, when it accumulated with various other pieces of
the jigsaw puzzle, achieve a significance weeks, months or years later. However, at the time that
the information actually is to be put to use, particularly where a decision based upon it will affect
the interests of individuals, it seems not unreasonable to apply the standards of principle 8, which
require that, having regard to the purpose for which the information is proposed to be used,
reasonable steps (if any) be taken to ensure the information is accurate, up to date, and so forth.
It may be that in the circumstances no checks are feasible and therefore no breach of the
principle would be possible. However, where some reasonable step to check information which
is to be used in such a way as to affect an individual could be checked this ought to be done.

Q3. Should principle 8 be applied to intelligence organisations?

Information privacy principle 9 states:

Principle 9

Agency not to keep personal information for longer than necessary
An agency that holds personal information shall not keep that information for longer than is
required for the purposes for which the information may lawfully be used.

If intelligence organisations open files on individuals, which turn out not to be necessary,
maintain vast numbers of files on individuals, or retain personal data long beyond its proper
usefulness, there are risks to privacy. Application of principle 9 would require agencies to have
policies on the retention of personal information about individuals. These policies would be
linked to the usefulness of the data for an agency's purposes and, for instance, to the statute under
which the SIS operates.

It would better serve individual privacy if some information was not kept overly long with the
dangers that it will paint an inaccurate picture, be out of date, or be misleading. That is not to say
that intelligence of a particular nature might nonetheless be held for a long period where it is
reasonable to do so. The importance is that intelligence organisations consider the principle,
apply it as relevant for their purposes. Ideally an independent oversight body should be able to
look at the result, challenge it and for the agency to have to justify its position where it seems at
variance with the principle. It is also important for individuals to have access to a complaints
procedure when they are harmed by an agency's disregard of the principle.

Case study: file retention

In Canada the 1981 McDonald Commission inquiry into the activities of the RCMP found that
the RCMP Security Services (improperly) had access to social insurance numbers and had
maintained files on homosexuals in Canada and on tourists who had visited the Soviet Union.
The McDonald Commission noted that the Security Services maintained files on 800,000
individual Canadians, that many such dossiers were needlessly opened and that this amounted to
an invasion of privacy. As a result the Solicitor General announced procedures for the eventual
destruction for many of the files. The Government accepted the Commission's criticisms and
stated that files would be destroyed unless they related to a person who requires a security
clearance for employment, there is reason to suspect that the person is a legitimate target for
investigation or that a person with access to classified information may become a security threat.
The files for possible destruction were to be reviewed by members of the Security Service and
officials of the Department of Justice and Ministry of the Solicitor General. Source: Flaherty,
Protecting Privacy in Surveillance Societies, 1989, 291. A discussion of the subsequent efforts to
deal with the development of a policy and to carry out the destruction of files is at pages 292-294.

Q4. Should principle 9 be applied to intelligence organisations?

Accordingly the suggestion is that an additional four of the twelve principles should now be
directly applied to intelligence agencies (although subject to a special complaints procedure
whereby the needs of security are accorded a priority).

Q5. Should any of principles 2, 3, 4, 10 or 11 be applied to intelligence organisations?

Other issues
This paper has limited detailed discussion to the present exemption from most of the information
privacy principles. Comments are nonetheless welcomed on any other relevant issues, such as in
relation to the special procedure relating to intelligence agencies in section 81. The creation since
the enactment of the Privacy Act of the position of Inspector General of Intelligence and Security
might also be relevant. For instance it might be possible for the Inspector General to satisfy
himself as to adequacy of organisation policies in respect of certain information privacy issues
even in circumstances where rights of complaint are limited.

Q6. Are any other changes to the Act desirable in respect of intelligence organisations?

Q7. Should the Inspector General of Intelligence and Security be given any statutory role
in respect of general compliance with principles for which there is no complaints provision?



The Privacy Commissioner may include in his final report a list of submissions received. He may
also refer to submissions in the text of his report. If you want your submission or any part of it
treated confidentially, or do not want it used in this way, please indicate this clearly. The
Commissioner is subject to the Official Information Act. Copies of submissions may therefore be
released on request. Any request for the withholding of information on the grounds of
confidentiality or for any other reason will be determined in accordance with that Act and section
116 of the Privacy Act.

act-revi/intell




REVIEW OF THE PRIVACY ACT 1993
DISCUSSION PAPER No.8
LAW ENFORCEMENT INFORMATION AND RELATED ISSUES

The Privacy Commissioner is reviewing the operation of the Privacy Act 1993 as he is required
to do under section 26 of the Act. The Commissioner will consider whether any amendments to
the Act are necessary or desirable and will report his findings to the Minister of Justice.

This paper is one in a series which will cover the entire scope of the Act and highlight some
issues so far identified. To find out which other discussion papers have been released, and to
obtain copies of them contact the Commissioner's office. Copies of the discussion papers are also
available through the Commissioner's web site.
The Privacy Commissioner welcomes comments on this paper and seeks responses to any
specific questions raised. Submissions should be made in writing and be forwarded to the
Commissioner's office by post or email no later than 31 August 1997 20 October 1997 (deadline
extended).

The Commissioner will hold a series of consultation meetings in the main centres and some
regional cities during November. If you would like to be invited to a consultation meeting please
indicate this with your written submission.

Contact details for consultation

Privacy Act Review 1997

Office of the Privacy Commissioner

P O Box 10-094

Wellington

fax: 04-474-7595 privacy hotline: 0800-803-909 email: privacy@actrix.gen.nz

For general enquiries about the review please speak to the enquiries officers at the freephone
number. If you have a more detailed enquiry concerning your submission or the review please
speak to the Codes and Legislation officer at 04-474-7597.

Background information on the Privacy Act is availabe on the Internet at:

http://www.knowledge-basket.co.nz/privacy/welcome.htm

ISBN 0-478-10363-8



INTRODUCTION

This discussion paper concerns law enforcement information and related issues. The Act deals
with law enforcement issues in a number of different ways. For example, "information matching"
can be seen as a law enforcement issue, as it is used to detect and deter benefit fraud.

Various other sections are relevant to law enforcement, such as the exceptions to the principles
for "the maintenance of the law", and similar grounds for withholding of information on an
access request. The paper will also cover Part XI of the Act.

This paper is not a comprehensive consideration of all the Privacy Act issues bearing upon law
enforcement information. For example, there will be another discussion paper covering
information matching. However, individuals wishing to make submissions are invited to
comment on the matters raised in this paper, and also to make submissions on other related
issues which might not be fully covered in this paper.



PART XI OF THE ACT

What is law enforcement information?

An answer to this question might be "information used by law enforcement agencies like the
police in discharging their functions". However, this would be wider than the way the term is
used in Part XI of the Act. Section 110 defines "law enforcement information" for the purposes
of Part XI to refer only to the information referred to in the Fifth Schedule. The Fifth Schedule
lists certain information held by the Department for Courts, Police, Land Transport Safety
Authority, Ministry of Transport and Department of Corrections.

To understand why this seemingly very narrow interpretation is given to the term, it is necessary
to look at the history of ss.110 -114 and the Fifth Schedule.

In the mid 1960s various parts of government recognised the benefits of having a large computer
system which could be used by different agencies. Plans to develop the Wanganui Computer
Centre and allow agencies to have routine access to certain bits of information held by other
agencies caused public concern. To allay this the government passed the Wanganui Computer
Centre Act 1976 ("WCC Act") to regulate its use. Under the WCC Act the types of information
that any one agency was permitted to have access to were described in detail. Other agencies had
to be authorised under the Act to have access to that specified information. The descriptions of
the information were linked to the way in which the computer worked with specified bits of
information on particular 'subsystems' of the computer.

One shortcoming for privacy protection of the WCC Act was that there were restrictions on the
sharing of information where the Wanganui Computer was used but not if an official used
another computer or shared paper copies of information.

The agencies which used the Wanganui computer, the types of information held, and the
agencies allowed access to the information, were all written down in a schedule to the Act. That
schedule was inserted into the Privacy Act as the Fifth Schedule. Sections 110 -114, carried the
procedure that had been in the WCC Act, for changing the schedules, into the Privacy Act.

Of course, computers have changed a lot in the last 20 years as has law enforcement. It may be
that a rethink of the approach of Part XI and the Fifth Schedule may now be warranted.

Q.1 Should Part XI of the Act and the Fifth Schedule continue as they are?

If the Fifth Schedule is seen as the means by which routine computerised information sharing by
law enforcement agencies is allowed for law enforcement purposes, it may be sensible to list all
such sharing arrangements and prohibit routine sharing not explicitly provided for.
It may not be practicable to write down all the circumstances in which a customs officer could
tell a police officer something or when an immigration officer could give a document to a
customs officer. The information privacy principles seem to provide for this adequately.
However, to keep with the original rationale of the Schedule it could perhaps record all
computerised access in circumstances where the agency holding the information does not have to
separately consider whether to grant access to the accessing agency as a prerequisite to the
accessing agency seeing the information. This essentially covers the grant of "on-line" access
rights by one law enforcement agency to another.

This might provide greater transparency in the information practices of all law enforcement
agencies. The schedule might then reflect the practical realities of law enforcement in the
technologically sophisticated 1990s rather than continuing to reflect a more limited (although
updated) view of how things seemed in the 1970s.

Q.2 Should an attempt be made to cover all on-line linkages between all government
agencies with law enforcement functions and not just those which were involved in
Wanganui?

A schedule broadened in this way might be perceived as sanctioning a great many more
intrusions to people's privacy - however, at least the authorisation would be granted openly and
be subject to scrutiny in a general sense. Care would need to be taken to ensure that law
enforcement agencies were not prevented from carrying out particular functions through the
change.

Q.3 Would the operation of the Act be enhanced through repeal of Part XI and the Fifth
Schedule?

If Part XI were to be repealed law enforcement agencies would need to ensure that each on-line
instance of collection or disclosure of "law enforcement information" complied with information
privacy principles 2 and 11. This would mean that if someone made a complaint that a police
officer had improperly looked up the complainant's criminal conviction history from Department
for Courts computers, both the Police and the Department for Courts would need to be able to
show one of the exceptions to the principles applied (for example, that the access to the
particular record was necessary in the circumstances to avoid a prejudice to the maintenance of
the law).

One advantage of this approach might be that each agency would be more directly accountable
for its information practices. One disadvantage might be that the justifications might be artificial
in practical terms, and lead to a widening of the exceptions under the Act.

Amendment of the Fifth Schedule

Currently the Fifth Schedule may be amended only by further Act of Parliament. During the
Act's first 4 years of operation the Schedule was able to be amended by Order-in-Council.
If an amendment Act is required to amend the Schedule, the public gets the chance to make
submissions on whether they think a change is justified. The change will be scrutinised by a
select committee and Parliament gets to decide. The downside for the agencies concerned is that
it can take a long time to have a law passed and involve a great deal of officials' time and some
parliamentary time.

Part XI could be changed so that the Fifth Schedule could be amended by regulation - as was the
position from mid 1993 - mid 1997. There is no public scrutiny of regulation making but it is
more efficient in the sense that it does not require Parliamentary time. The Privacy
Commissioner can be consulted in the process. It can be cheaper and faster than using statutory
amendment to meet technological advances and operational needs.

Other options for enabling amendment of the Schedule could be considered such as removing the
entire Schedule into regulations or by allowing changes on the direction of a Minister by notice
in the Gazette.

Q.4 Should the process for amending the Fifth Schedule be changed? How?

At the moment some local authorities are allowed Fifth Schedule access to the drivers licence
and motor vehicles registers. There was a special procedure for authorising local authorities to
access these registers under the WCC Act, and this has been carried into s.112 of the Privacy Act.

Only five local authorities have such access - obtained under the WCC Act. Many more either
get by without the information, or obtain access in ways that may not be covered by the schedule
(such as simply searching the motor vehicle register in the same way as the public, at New
Zealand Post or other outlet).

Q.5 Is there a continuing need to include local authorities in the Fifth Schedule?

CRIMINAL CONVICTIONS, POLICE CLEARANCE CERTIFICATES, POLICE
VETTING

One of the features of the Wanganui Computer Centre Act was a section prohibiting anyone
from requiring a person to produce a printout from the computer showing criminal convictions
(or their absence). It was not an offence to ask anyone (for example a job applicant) if that
person had any criminal convictions or to require them to make a statutory declaration that they
had none. It was an offence to make anyone prove it by getting a copy of their printout from the
computer.

This prohibition was not carried over into the Privacy Act. It may have been thought that the
general protections in the new Act were sufficient.

It has become more common since the repeal of the WCC Act for a range of different
organisations to require individuals to obtain and furnish printouts showing their convictions.
These printouts come from the Department for Courts. Such requirements "piggy back" on the
access rights granted to individuals under principle 6 - the organisations have no rights to obtain
the information themselves. Job applicants may feel unable to resist such a request, whether or
not they have any convictions.

Q.6 Should the prohibition on requiring individuals to obtain criminal conviction histories
be reinstated?

There are several reasons why the present situation may be unsatisfactory. An employer may
have a legitimate reason for requiring proof that a person has not got any convictions for a
particular offence. For example, a bank may have a genuine wish to be sure that a person they
wish to hire to handle cash has not been convicted of an offence of dishonesty.

The only way the bank can get that official record would be to require the applicant to obtain a
printout from the Department for Courts and give it to the bank. This would show all convictions
entered in respect of that person and not simply the ones the bank is interested in. That may have
an adverse effect on the privacy of an applicant.

Another problem is that the printouts may be easy to fake.

Some organisations already get conviction information because of statutory obligations to check
people's "good character". Examples include the Teacher Registration Board and Land Transport
Safety Authority. An alternative that has been suggested is the introduction of a "Police
clearance certificate" of the type available in some countries whereby a prospective employer or
other person, with the consent of the subject, could ask the police or courts for a certificate
specifying whether the individual has relevant convictions. Another option may be for the police
to be authorised to "vet" particular people, with the person's consent. There are anomalies in the
range of organisations for which the Police currently carry out vetting with organisations with
similar functions and needs are treated differently.

Q.7 If the prohibition on making people supply their printouts were to be reinstated how
could organisations with a legitimate need to verify criminal convictions obtain that
information? Is the Privacy Act an appropriate vehicle to tackle this issue?

A related issue is whether there should be a "spent convictions" regime, whereby minor
convictions are no longer recorded after a certain period or their use in employment or certain
other contexts is prohibited. A spent convictions regime is administered by the Commonwealth
Privacy Commissioner in Australia.

Q.8 Would a spent convictions regime be an appropriate response to the privacy issues
surrounding conviction information?

These are information privacy issues. The Privacy Act already deals with them in a general way.
For example, an employer that makes an employee furnish a list of criminal convictions might be
found to be in breach of information privacy principle 1 or 4. Use of old or irrelevant conviction
records for taking an action against the employee might breach privacy principle 8.
"MAINTENANCE OF THE LAW" EXCEPTIONS TO THE INFORMATION PRIVACY
PRINCIPLES

It is an exception to information privacy principles 2, 3, 10 and 11 where the agency collecting
or holding the information believes on reasonable grounds that non-compliance is necessary:

"To avoid prejudice to the maintenance of the law by any public sector agency, including the
prevention, detection, investigation, prosecution, and punishment of offences."

The words "public sector agency" are included in the exception to ensure that only agencies with
a proper function connected with the maintenance of the law would be able to act in reliance on
the section. For instance there was concern that if the exception was not limited in this way that
private investigators might rely on the exception to justify their actions.

Q.9 Have the words "by any public sector agency" caused any difficulties in operation?
Should the phrase be dropped or amended?

The exception in information privacy principle 11

Any (public sector) agency which has reasonable grounds to believe non-compliance with
principles 2,3 or 10 is necessary to avoid a prejudice to the maintenance of the law may proceed
under the exception. Principle 11 states:

"An agency that holds personal information shall not disclose the information to a person or
body or agency unless the agency believes, on reasonable grounds,--

(e) That non-compliance is necessary-

(i) To avoid prejudice to the maintenance of the law by any public sector agency, including the
prevention, detection, investigation, prosecution, and punishment of offences"

There are two situations in which the exception is supposed to apply. First, to allow law
enforcement agencies themselves to disclose information to avoid a prejudice to the maintenance
of the law. The Police might rely on this exception when seeking public assistance to locate a
suspect (for example by releasing a photograph to the media). The second is where an agency
holding information wants a law enforcement agency to prevent, investigate or prosecute an
offence. For example, if a bank has been robbed, it needs to disclose relevant information to the
Police. A taxi driver who made a drop to the bank might be asked to disclose information about
his customer to the Police.

The same exception must therefore apply to the Police, the bank, and the taxi driver. How does
the taxi driver know whether disclosure of the information is necessary to avoid a prejudice to
the maintenance of the law? Would it be clearer to have different exceptions applying to law
enforcement agency than apply to other agencies? For example, one exception might apply to an
agency that believed on reasonable grounds
that disclosure to a public sector agency was necessary to assist the public sector agency to
discharge its functions in relation to an offence. The second exception might permit law
enforcement agencies to disclose information for their purposes in relation to the maintenance of
the law.

Q10. Should the maintenance of the law exception in principle 11 be redrafted?

LAW ENFORCEMENT REASONS FOR WITHHOLDING INFORMATION

Section 27(1)(c)(i) allows an agency to refuse to disclose any information requested pursuant to
principle 6 if the disclosure of the information would be likely to prejudice the maintenance of
the law, including the prevention, investigation, and detection of offences, and the right to a fair
trial.

This section was based on an earlier provision in the Official Information Act. It differs from the
"maintenance of the law" exceptions of principles 2, 3, 10 and 11 in that it does not have the
"public sector agency" qualification mentioned above. Also the exceptions to the principles do
not refer to the "right to a fair trial" example.

Access requests to public sector law enforcement agencies are able to be contested in the court,
unlike alleged breaches of the other principles. This may be the reason that the deviation
developed. Parliament might have wished not to reduce existing rights by expanding the scope of
a reason for refusing information.

The fact that s.27(1)(c) does not contain the "public sector agency" qualification might suggest
that private investigators and other private sector agencies are entitled to rely on the section in
withholding information. This does not appear to be the intention.

Accordingly, should the "public sector agency" qualification be added? Or would the opposite
approach be more desirable, so that information held by agencies which cooperate with the
Police can more clearly be withheld? For instance, if "informant" information is protected in the
hands of the Police perhaps it should also be protected in the hands of a private sector agency.
Take the example of the bank robbery above, if the defendant asks the Police for the identities of
the people who had given them information, the Police may be able to refuse the request on the
basis that it came from an informant and that making such information available might prejudice
the maintenance of the law. If the same defendant asked the bank for the information, it might
not have the same reason under the Act to refuse the request, even though its interest in
withholding the information might be similar.

Q11. Should the ground in s.27(1)(c)(i) allowing withholding information for prejudice to
the maintenance of the law be aligned with the exception to the principles?

MISCELLANEOUS LAW ENFORCEMENT ISSUES
Section 31

For some years there has been discussion of creating a criminal discovery procedure, that is, a
formal means for defence and prosecution counsel to exchange information about a criminal case.
In the absence of a statutory discovery procedure the Courts may make decisions under the
Privacy Act and Official Information Act.

Once a criminal discovery procedure is enacted, section 31 may be brought into effect. Section
31 would allow the police to refuse a request for information relating to an offence where the
person concerned has already be convicted for that offence. The section comes from the Official
Information Act. It is waiting to be enacted by an Order in Council, as it was when it was in the
Official Information Act.

Q12. Would the enactment of a criminal discovery process enhance the operation of the
Privacy Act? If a criminal discovery regime is not enacted should s.31 be repealed?

Neither confirm nor deny

Section 32 allows an agency to respond to a request for access to information by neither
confirming or denying whether or not information actually exists.

The section applies where to acknowledge that information exists would cause a prejudice to the
maintenance of the law, personal safety, security or defence, or one of the other listed reasons for
withholding information. The section is used sparingly by most agencies (with the exception of
intelligence and security agencies like the Security Intelligence Service).

Section 32 is an exceptional inroad into the normal right of access.

Q.13 Has the power to "neither confirm nor deny" that information is held worked
adequately? Should it be revisited or be narrowed in any way?



The Privacy Commissioner may include in his final report a list of submissions received. He may
also refer to submissions in the text of his report. If you want your submission treated
confidentially, or do not want it used in this way, please indicate this clearly. The Commissioner
is subject to the Official Information Act. Copies of submissions may therefore be released on
request. Any request for the withholding of information on the grounds of confidentiality or for
any other reason will be determined in accordance with that Act and section 116 of the Privacy
Act.
REPORT BY THE PRIVACY
COMMISSIONER
TO THE MINISTER OF JUSTICE
ON THE INTELLIGENCE AND
SECURITY AGENCIES BILL

REPORT BY THE PRIVACY COMMISSIONER

TO THE MINISTER OF JUSTICE

ON THE INTELLIGENCE AND SECURITY AGENCIES BILL



1.0 Introduction

2.0 Intelligence organisations and the Privacy Act

2.1 The existing position

2.2 Aspects of the bill touching upon the Privacy Act

2.3 Extension of other privacy principles to intelligence organisations?

3.0 Positive aspects of the bill

4.0 Extension of meaning of "security" in SIS Act

5.0 Review of other issues

Attachment 1

Suggested amendments - clause by clause

Additional clauses in Australian Act having no equivalent in the bill

Other recommendations
1.0 Introduction
    1.1 Fear of state surveillance and secret informers can probably be traced back to the start of
   organised societies. The fears have often been well placed as the opening of the files following
   the fall of the iron curtain have shown. Attempts to place limits on the state's power to intrude
   on private lives to carry out surveillance dates back to at least Entick v. Carrington in 1765 and
   probably earlier. New Zealand, like other free and democratic societies, has generally accepted
   the need for some form of secret state surveillance to guard against those who would
   undermine democratic structures. However all democratic societies have also wrestled with the
   appropriate legal and administrative controls to ensure that any secret services remain
   accountable to those democratic institutions and do not go beyond what is reasonable to
   achieve their assigned mandate.

    1.2 It is in this context that I have examined the Intelligence and Security Agencies Bill. It
   appeared to me possible that the bill may affect the privacy of individuals. I now report the
   results of that examination.

    1.3 Undoubtedly the work of intelligence and security agencies is a major inroad into our
   privacy. This view is probably more widely held than previously following the collapse of most
   communist states. Many New Zealanders will accept the need for these agencies but take the
   view that perceived weaknesses in oversight and control mechanisms provide a possibility for
   unnecessary breaches of privacy. In a free society, the burden of justifying the continuation of
   the level of activity of such bodies falls on those who wish to maintain their work. Similarly falls
   the onus of proving the need to extend it into new fields. The case for loss of privacy has to be
   convincingly made out. It is not for those who would maintain existing levels of privacy to try to
   prove the importance of doing so.

    1.4 In my view, there is much to support in this Bill. In general, I do support it and hope the
   mechanisms in it will help us avoid becoming a "surveillance state". However, I also note that
   the Bill has potential for increasing the realm of state surveillance and I have misgivings about
   this. I believe that the creation of the Intelligence and Security Committee and Inspector-
   General of Intelligence and Security will both enhance oversight and accountability.

    1.5 The restrictions on the flow of information necessary to successful intelligence operations
   limits the application to intelligence and security agencies of standard public accountability
   controls. The intelligence agencies have been subject to little direct scrutiny from outside the
   executive government. There is presently some limited external scrutiny from the Commissioner
   of Security Appeals, Auditor General, the Ombudsman and Privacy Commissioner, and probably
   to some limited extent certain other bodies. This Bill will enhance Parliamentary oversight of the
   agencies and replace the limited brief of the Commissioner of Security Appeals with an
       Inspector-General with a wider mandate and greater powers. The existing roles of the
       Ombudsmen and Privacy Commissioner are unaffected.

        1.6 In approaching the Bill I have taken the view that secret surveillance and intelligence
       gathering creates profound privacy risks for the individuals affected and society at large. To
       constrain those risks I take the view that:

           o   the role of intelligence agencies should be kept to a tight brief and not be allowed

                to stray into areas which can be appropriately managed by normal and open
               governmental and policing activities;

           o   while the agencies will require to conduct a significant proportion of their work in secret
               there will be areas in which some information can be disclosed publicly, to the
               individuals affected or to oversight bodies, and the greatest degree of openness and
               disclosure should be promoted;
           o   as far as possible similar accountability mechanisms as apply to other bodies should
               apply to the agencies (perhaps in a modified manner) unless there is a good reason for
               that not to occur; and
           o   there should be redress for actions of intelligence agencies which breach individual
               rights without justification, including the right to privacy.

        1.7 I will begin the body of the report by briefly outlining the current arrangements in the
       Privacy Act whereby three of the information privacy principles apply to intelligence
       organisations and I can investigate complaints of breaches of those principles under a special
       procedure. This bill does not affect those current arrangements. I then make a few other
       observations on provisions in the bill where those may affect individual privacy. In the course of
       preparing this report I refer to the legislative controls adopted in Australia, Canada and the
       United Kingdom, as these societies would seem to have much in common with New Zealand. It
       so happens that each has, in the last few years, revised their oversight mechanisms.


2.0 Intelligence organisations and the Privacy
Act
2.1 The existing position

        2.1.1 The Privacy Act contains two specific provisions dealing with intelligence organisations:
       sections 57 and 81. The term "intelligence organisation" is defined in section 2 of the Privacy Act
       to mean the New Zealand Security Intelligence Service and the Government Communications
       Security Bureau.

        2.1.2 Section 57 of the Privacy Act provides:
        "Intelligence organisations - Nothing in principles 1 to 5 or principles 8 to 11 applies in
       relation to information collected, obtained, held, used, or disclosed by, or disclosed to, an
       intelligence organisation."

Only the principles dealing with the rights of access to personal information by the individual
concerned (principle 6), the right of the individual concerned to seek correction of personal
information (principle 7) and that relating to unique identifiers (principle 12) apply to
intelligence organisations.

        2.1.3 There is a special procedure set out in section 81 in relation to investigations which may
       be undertaken in relation to an alleged breach by an intelligence organisation of principles 6, 7
       or 12. Most of the complaints I receive and investigate relate to a request for a review of a
       decision by an intelligence agency to refuse access to information that it holds or to refuse to
       confirm or deny that it holds any information. The special procedure that applies under section
       81 means that neither I (through the Proceedings Commissioner) nor the complainant may refer
       a complaint to the Complaints Review Tribunal for determination. Rather the procedure
       anticipates my conducting an investigation, forming an opinion, and if the complaint cannot be
       resolved making a recommendation to the intelligence organisation and awaiting the
       organisation's response. If no response is made within a reasonable time or, after considering
       any comments made by the intelligence organisation, I may send a copy of my report and
       recommendations to the Prime Minister. In turn the Prime Minister may lay a copy of all or any
       part of the report before the House of Representatives.

        2.1.4 I have conducted or am conducting investigations under the special procedure. I have
       not, as yet formed any view as to the adequacy of the special procedure but anticipate that it
       might be a matter worthy of re-examination when I review the operation of the Privacy Act later
       this year. At present I base my comments on an assumption that the existing special
       investigation procedure is satisfactory to both resolve complaints and meet the special needs of
       intelligence organisations.

2.2 Aspects of the bill touching upon the Privacy Act

        2.2.1 The bill does not affect or limit the existing (limited) rights that individuals have under
       the Privacy Act in relation to intelligence organisations and my functions and powers in relation
       to resultant investigations. This is made express at clause 34(3) which provides:

        "Nothing in section 31 of this Act shall limit the powers, duties, and responsibilities of ... the
       Privacy Commissioner under any enactment".

        2.2.2 With the establishment of the new Inspector-General, provision has been made in
       clause 31(2) for consultation. That subclause provides:

        "Notwithstanding ... section 45(1) of this Act, the Inspector-General may from time to time
       undertake a consultation with ... the Privacy Commissioner in relation to any matter relating to
       the functions of the Inspector-General under section 30 of this Act, and, for the purposes of any
       such consultation, the Inspector-General may disclose to ... the Privacy Commissioner such
       information as the Inspector-General considers necessary for the purpose."

        2.2.3 I support the approach of clauses 31 and 34 which will enable the Inspector-General to
       consult with me in undertaking his or her functions without limiting the powers, duties and
       responsibilities placed on me under the Privacy Act. In the attachment to this report I propose
       some technical amendments which may assist in relation to the administration of consultations
       between the Inspector-General and the Privacy Commissioner.

        2.2.4 Clauses 7 and 12 will have some effect on the applicability of the Privacy Act to actions
       of Members of Parliament and the Committee and my investigations (if any) of complaints in
       relation to such actions. First of all, clause 7(3) declares that any Member of Parliament who
       acts as a member of the Committee "shall be deemed, in so acting, to be acting in his or her
       official capacity as a Member of Parliament". For the purposes of the Privacy Act the definition
       of "agency" makes it clear that it does not include "a Member of Parliament in his or her official
       capacity". Therefore, when acting as a member of the Committee, a Member of Parliament will
       not be an "agency" for the purposes of the information privacy principles (which would be
       unlikely even without clause 7). Furthermore, clause 12(4) states that the proceedings of the
       Committee are deemed to be proceedings in Parliament for the purposes of article 9 of the Bill
       of Rights 1688. This prevents the impeaching or questioning of proceedings in the Committee in
       any court or place outside Parliament. I would take this to preclude the investigation of a
       complaint asserting a disclosure of personal information to a Committee meeting or relating to
       whatever was said about individuals at such a meeting. It is likely that I would decline to conduct
       such an investigation in any case given article 9 of the Bill of Rights and the general exclusion of
       the House of Representatives from the Privacy Act definition of "agency".

2.3 Extension of other privacy principles to intelligence organisations?

        2.3.1 Undoubtedly, there is always the concern in free and democratic societies as to the
       effect on privacy of the surveillance activities of the state. It is not possible for a concerned
       citizen to know whether the surveillance activities being carried out on his or her behalf are
       excessive or are being properly kept in check. The secrecy under which the activities are carried
       out, the various laws limiting public scrutiny for reasons of national security, and the limited
       public reporting by oversight bodies, all give rise to anxieties as to whether intelligence
       organisations are overstepping the mark between prudent intelligence gathering to safeguard
       society and a more sinister "surveillance state". The various scandals that surface from time to
       time with overseas intelligence organisations heighten public concerns. For these reasons I
       welcome the establishment of the strengthened oversight mechanisms contained in this bill.
       That support is tempered by caution at the extension of secret surveillance anticipated by the
       redefinition of "security".
        2.3.2 It is my view that adherence by the intelligence organisations to the laws that the rest of
       society lives by, particularly those relating to respect for human rights and accountability to
       democratic institutions to the greatest extent possible consistent with the tasks that these
       agencies are called upon to perform is to be desired. At the time that the Privacy Act was
       enacted in 1993 the Government applied information privacy principles 6 and 7 to intelligence
       organisations (although accompanied by a special complaints procedure which is not as robust
       or as open as with other agencies). This was essentially the continuation of the access and
       correction rights which existed under the Official Information Act 1982. However, the
       Government also applied information privacy principle 12 to intelligence organisations.
       Although a small step it was a welcome one. Other more secretive states might not have even
       contemplated that.

        2.3.3 However, I now suggest that it may be the time to apply more of the remaining
       principles to intelligence organisations (subject always to the special investigation procedure
       which safeguards any reasonable need for secrecy in relation to complaints investigation and
       determination). Although I think the case exists already, I suggest the need is made more urgent
       by the proposal to redefine "security" so as to extend the mandate of the New Zealand Security
       Intelligence Service into new areas.

        2.3.4 In my view, the information privacy principles provide a good sound basis for fair
       information handling practices and have clear relevance to intelligence organisations. Principles
       1, 5, 8 and 9 in particular ought, in my view, be applied as an obligation to intelligence
       organisations. These principles are, I submit particularly suitable as they take account of the
       purposes of the agencies concerned, apply standards that are reasonable in the circumstances,
       and would not need to be amended to establish any national security exception. There may be a
       case for considering the application of all the principles to intelligence agencies (perhaps with
       appropriate security exceptions crafted) but I suggest that broader issue can be examined later
       on a review of the Privacy Act.

        2.3.5 I suggest that each of principles 1, 5, 8 and 9 has a relevance in relation to intelligence
       agencies just as they do in other contexts. The standards and expectation will vary depending
       upon that intelligence context but the principle will provide a guide as to the fair information
       handling requirements. I suggest that the relevance of each of the four principles, which I will
       set out below, should almost be self-evident on a simple reading. However, I will add a few
       observations on each. Information privacy principle 1 states:

Principle 1

Purpose of collection and personal information

Personal information shall not be collected by any agency unless-
   1. the information is collected for a lawful purpose connected with a function or activity of the
      agency; and
   2. the collection of the information is necessary for that purpose.

In the context of the SIS the lawful purpose will, of course, be linked to the definition of
"security" as set out in the New Zealand Security Intelligence Service Act 1969 and which is
proposed to be amended by this bill.

        2.3.6 Information privacy principle 5 provides:

Principle 5

Storage and security of personal intelligence

An agency that holds personal information shall ensure -

        (a) that the information is protected, by such security safeguards as it is reasonable in the
       circumstances to take, against -

                (i) loss; and

                (ii) access, use, modification or disclosure, except with the authority of the agency
               that holds the information; and

                (iii) other misuse; and

        (b) that if it is necessary for the information to be given to a person in connection with the
       provision of a service to the agency, everything reasonably within the power of the agency is
       done to prevent unauthorised disclosure of the information.

Of all the information privacy principles I would have expected that this would cause least
difficulty for intelligence agencies given their emphasis on security of information held and
controls on its disclosure. However, in some circumstances there may be information about an
individual which the intelligence organisation has a proper reason to hold but which, through a
lapse in reasonable security safeguards or otherwise, is disclosed publicly or to another agency
that has no purpose in receiving the information thereby harming the individual. An example
would be certain material uncovered in the vetting process.

        2.3.7 Information privacy principle 8 provides:

Principle 8

Accuracy, etc, of personal information to be checked before use

An agency that holds personal information shall not use that information without taking such
steps (if any) as are, in the circumstances, reasonable to ensure that, having regard to the
purposes for which the information is proposed to be used, the information is accurate, up to date,
complete, relevant, and not misleading.

I appreciate that some small piece of intelligence may seem of little importance at the time it is
gathered or shortly thereafter and yet, when it accumulated with various other pieces of the
jigsaw puzzle, achieve a significance weeks, months or years later. However, at the time that the
information actually is to be put to use, particularly where a decision based upon it will affect the
interests of individuals, it is not unreasonable that the standards of principle 8, which require that
having regard to the purpose for which the information is proposed to be used that reasonable
steps (if any) be taken to ensure the information is accurate, up to date, and so forth. It may be
that in the circumstances no checks are feasible and therefore no breach of the principle would be
possible. However, where some reasonable step to check information which is to be used in such
a way as to affect an individual could be checked it ought to be checked.

        2.3.8 Information privacy principle 9 states:

        Principle 9

Agency not to keep personal information for longer than necessary

An agency that holds personal information shall not keep that information for longer than is
required for the purposes for which the information may lawfully be used.

If intelligence organisations open files on individuals, which turn out not to be necessary,
maintain vast numbers of files on individuals, or retain personal data long beyond its proper
usefulness, there are risks to privacy. Application of principle 9 would require agencies to have
policies on the retention of personal information about individuals. These policies will be linked
to the usefulness of the data for an agency's purposes and, for instance, to the statute under which
the SIS operates. It would better serve individual privacy if some information was not kept
overly long with the dangers that it will paint an inaccurate picture, be out of date, or inaccurate.
That is not to say that intelligence of a particular nature might nonetheless be held for a long
period where it is reasonable to do so. The importance is that intelligence organisations consider
the principle, apply it as relevant for their purposes and ideally that some independent oversight
body be able to look at the result, challenge it and for the agency to have to justify its position
where it seems at variance with the principle. It is also important for individuals to have access to
a complaints procedure when they are harmed by an agency's disregard of the principle.

        2.3.9 I believe that the new Committee may have a role in examining, and providing guidance
       on, matters such as records retention policies just as the Australian Joint Committee has
       examined and reported on certain information handling practices. Similarly the Inspector-
       General may have a useful role in relation to information handling practices as has been the
       case in Australia. Additionally a function could be conferred on the Ministers responsible for
       intelligence agencies to issue guidelines to be observed by the agencies. A provision of that type
       is found in section 8A of the Australian Security Intelligence Organisation Act 1979 under which
      guidelines to ASIO on the collection of intelligence relevant to security have been issued (copy
      attached).

       2.3.10 In addition to suggesting that four of the twelve principles should now be directly
      applied to intelligence agencies (although subject to a special complaints procedure whereby
      the needs of security are accorded a priority), I also think there is a role for expressly
      encouraging the adoption of internal policies to give effect to privacy accompanied by an
      independent mechanism to scrutinise those general policies and check that they are
      implemented, in a general sense, even if not on a day-to-day basis. Part of that would be
      achieved by my suggestion in the previous paragraph that the responsible Minister be able to
      issue guidelines to be observed by the agencies. However, that suggestion is primarily directed
      towards asserting the constitutional principle of responsible government that the agencies are
      subject to democratic control through the responsible Minister. This part of my suggestion is
      directed towards ensuring that the agencies themselves, take account of the needs of individual
      privacy and produce policies that they believe are adequate to meet those issues. In other
      words, I suggest the Act require the agencies to take account of the privacy interests in the
      discharge of their obligations. I believe that a number of privacy issues in any context, whether it
      be government agency or private business, can be satisfactorily resolved by adoption of good
      working practices. While it may be a challenge to do so in an intelligence context I suggest the
      basic approach remains sound. Accordingly, my suggestion that there be written into the Act an
      obligation on intelligence agencies to "adopt policies and practices which take account of the
      reasonable needs of individual privacy and, as far as practicable, and consistently with the
      requirements of security, accord with the information privacy principles in the Privacy Act 1993".
      Such an obligation should be supplemented by a requirement to put the policies before the
      Committee to be advised of those policies and for the Inspector-General to have a mandate to
      enquire into the implementation of such policies. If that suggestion is adopted it may also be
      considered appropriate for such policies to be discussed with the Privacy Commissioner, subject
      to the requirements of security.


3.0 Positive aspects of the bill
       3.1 As earlier noted I believe the bill does provide for better oversight and accountability
      mechanisms than have previously existed. For that reason, I support the bill as placing better
      and more appropriate controls on surveillance which may infringe on the privacy of individuals.

       3.2 As some apparently minor provisions in the bill may nonetheless be of significance I
      thought it might be useful to canvass some of the aspects of the bill which I particularly
      commend. Those features include the following:

Clause 6
The functions of the Committee would appear to be wider than bestowed on the UK Intelligence
and Security Committee or the Australian Parliamentary Joint Committee on ASIO. In particular,
I am pleased to note that, subject to the constraints in subclause 6(2) (which mirror the
constraints on the Australian Committee) it appears, like the UK Committee, this Committee
may pursuant to its function under clause 6(1)(a) adopt projects of its own motion which have
not been expressly referred to it by the Government. The Australian Committee has been subject
to criticism in that its functions are limited to reviewing matters that are referred to it by the
responsible Minister or Parliament itself (although sometimes at the Committee's request). Given
the "high powered" nature of the Committee and the security safeguards that have been adopted
in relation to its operation I am pleased that the issues on which it can focus are not overtly
limited by Ministerial control although, of course, the Committee is chaired by the Prime
Minister and there is a government majority.

Clauses 7 and 8

The Committee includes the Prime Minister, the Leader of the Opposition, two Government MPs
and a further member from the Opposition parties. The Prime Minister nominates the two
Government members following consultation with the leader of each party in Government and
the Leader of the Opposition nominates the other opposition member with the agreement of the
Prime Minister following consultation with the leader of each party that is not in Government.
Following this process of nomination the House of Representatives is given the opportunity to
endorse each of the nominations and if necessary further nominations may have to be presented
by the Prime Minister or the Leader of the Opposition. The procedure does seem to be a
reasonable attempt to construct a committee enjoying support across party lines. In particular, it
recognises a formal role for both the Leader of the Opposition and Parliament itself. Since
privacy may be enhanced by having a committee with broad political support in its oversight task
over agencies undertaking surveillance, I welcome this procedure. It is to be preferred over the
Australian system which involves nominations solely by the Government (although with
consultation with leaders of other parties and having regard to the desirability of ensuring
representation of various political parties) or the UK position whereby the members are simply
appointed by the Prime Minister after consultation with the Leader of the Opposition.

Clause 16

This clause deals with the provision of information to the Committee. Although it generally
restricts the giving of "sensitive information" to the Committee I do support the fact that
subclause (2) provides that sensitive information can be disclosed to the Committee if the chief
executive of an intelligence agency "considers it safe" to disclose the particular documents.
Although it is almost taken for granted for legislation of this type that some sensitive information
may need to be withheld (not a proposition that every citizen accepts but which I take as
accepted for this bill) I nonetheless support a provision which enables, in the circumstances of
the case, a discretion to be exercised to release the information. This provides a flexibility which
would not exist without subclause (2). Similarly, I support the inclusion of subclause (4) which
acknowledges that while "sensitive information" might initially be withheld from the Committee
it is open to the Prime Minister to nonetheless disclose the information where he or she
"considers it desirable in the public interest" (although subclause (4) makes it clear that the Prime
Minister does not have that discretion where it is sensitive information provided by a foreign
government which does not consent to its release).

Clause 17

As with clause 16 I am pleased to note that subclause (3) confers a discretion on the Committee
to disclose to Parliament certain information that would normally be withheld where it considers
that there are "compelling reasons in the public interest why the information should be disclosed
or published". It seems to me that in certain extreme circumstances the needs of security have to
give way to public accountability through the democratic processes. The nature of the Committee
gives me confidence that it can exercise that discretion wisely. I trust the Committee will bear in
mind the privacy interests of individuals who may incidentally be named in documents which
they release.

Clause 23

I am pleased to see the objects of this part of the Act spelt out and, in particular, that the
Inspector-General will assist the Minister to ensure that the activities of intelligence agencies are
consistent with human rights. Although that jurisdiction will not impinge directly on the
administration of the Privacy Act I do note that amongst recognised international human rights is
the right to respect for private life.

Clause 29

I note that the Inspector-General may appoint employees to carry out his or her functions. I
welcome the fact that the Inspector-General may have his or her own staff since it would
undermine public confidence in the role if an official in that position were to allow the
intelligence agencies themselves to carry out investigations into complaints and simply review
the results. The public might soon have seen that as calling into questions the independence of
the process.

Clause 30(1)©

Currently complaints can only be made to the Commissioner of Security Appeals by "any person
ordinarily resident in New Zealand". This has been widened in clause 30 to include New Zealand
citizens and employees and former employees which, by implication, might include citizens and
employees no longer ordinarily resident in New Zealand. The jurisdiction of the Inspector-
General is broadened beyond the activities of the SIS to include the actions of any intelligence
agency and the specific functions of the Inspector-General are in a number of case much wider
than the former Commissioner. I welcome the broadening of these complaints mechanisms.

Clause 46

I support the provision for annual reports by the Inspector-General. There was no statutory
requirement in the Commissioner of Security Appeals to produce such a report. I welcome the
requirement to table the report in Parliament thereby promoting public accountability.
Clause 52

I support greater detail being given in the SIS annual report in relation to interception warrants.
However, I suggest that even within the existing annual report provisions it should be possible
for the SIS to give a somewhat greater account of its work during the year. Other intelligence
agencies, such as ASIO, have found it possible to publish a significant degree of information
without compromising security. At least one, the CIA, has established an internet site to
disseminate information on its functions to the public.

        4.0 Extension of meaning of "security" in SIS Act

                4.1 The bill amends the New Zealand Security Intelligence Service Act 1969 by
               extending the meaning of the term "security". Presently, the Act defines the term as
               follows:

                "'Security' means the protection of New Zealand from acts of espionage, sabotage,
               terrorism and subversion, whether or not it is directed from or intended to be
               committed within New Zealand."

Within that definition there are several defined terms as follows:

"'Espionage' means any offence against section 78 of the Crimes Act 1961";

"'Sabotage' means any offence against section 79 of the Crimes Act 1961";

"'Subversion' means attempting, inciting, counselling, advocating, or encouraging -

(a) the overthrow by force of the Government of New Zealand; or

(b) the undermining by unlawful means of the authority of the State in New Zealand"; and

        "'Terrorism' means planning, threatening, using, or attempting to use violence to coerce,
       deter, or intimidate -

(a) the lawful authority of the State in New Zealand; or

(b) the community throughout New Zealand or in any area in New Zealand for the purpose of
furthering any political aim".

        4.2 The bill proposes to alter the definition by extending its meaning so as to also include "the
       ensuring of New Zealand's international well-being or economic well-being". Accordingly, the
       new definition would read:
        "'Security' means the ensuring of New Zealand's international well-being or economic well-
       being and the protection of New Zealand from acts of espionage, sabotage, terrorism, and
       subversion, whether or not it is directed from or intended to be committed within New Zealand".

The new definition is not accompanied by any definitions of any of the terms or phrases used
within the additional words. No guidance is given to the exact meaning that is intended to be
given to the phrase "the ensuring of New Zealand's international well-being or economic well-
being".

        4.3 The term "security" is central to the New Zealand Intelligent Service Act and the
       operations of the SIS. The functions of the SIS are primarily defined by reference to the term
       "security". The Act provides that the functions of the SIS shall be:

           1. to obtain correlate, and evaluate intelligence relevant to security, and to communicate
              any such intelligence to such persons ... as the Director considers to be in the interests
              of security:
           2. to advise Ministers ... in respect of matters relevant to security, so far as those matters
              relate to Departments or ... State Services for which they are in charge;
           3. to co-operate ... with such State Services and other public authorities ... in the
              performance of its functions;
           4. to inform the New Zealand Intelligence Council of any new area of potential espionage,
              sabotage, terrorism, or subversion in respect of which the director has considered it
              necessary to institute surveillance."

Other parts of the Act under which the SIS operates makes reference to "security", notably in
relation to the interception warrants.

        4.4 Interestingly, paragraph (d) of the functions of the SIS is not proposed to be amended to
       extend the functions either to "security" as a whole or to the international well-being or
       economic well-being aspects of security. Given the lack of a definition of the new terms being
       incorporated into the meaning of "security", the vagueness inherent in the phrase itself, it is not
       entirely understandable either what is intended by the new definition or by the failure to amend
       paragraph (d). A close reader of the Act is left wondering whether it is accordingly intended that
       the SIS will not institute surveillance in respect of that aspect of security dealing with "the
       ensuring of New Zealand's well-being or economic well-being". Perhaps it is intended that
       surveillance forms no appropriate part of those security functions and instead the SIS is only
       expected to receive intelligence from overseas or be involved, say, in relation to vetting in
       relation to that new part of the definition. Or, perhaps, it is intended that surveillance will form
       part of the new functions but the New Zealand Intelligence Council is not intended to be
       informed of such surveillance.

        4.5 Perhaps some guidance as to what the new, wider, definition of security means can be
       found by noting what it does not include. Section 4(2) of the New Zealand Security Intelligence
       Service Act which provides:
 "It shall not be a function of the Security Intelligence Service -

    1. to enforce measures for security; or
    2. to institute surveillance of any person or class of persons by reason only of his or their
       involvement of lawful protest or dissent in respect of any matter affecting the
       Constitution, laws, or Government of New Zealand."

 4.6 In my view, the new phrase inserted in the definition creates a degree of uncertainty
which I believe is undesirable for individual privacy. The uncertainty makes it difficult to judge
the proposed change and offer an opinion on the reasonableness of the extension of the powers
of the SIS. Even if one believed that the SIS has a proper role in some aspect of "ensuring New
Zealand's international well-being or economic well-being" the uncertainty in the phrase, and
the possible interpretations which might be placed upon it, make it in my view a potentially
dangerous step in relation to individual liberties to take. However, if the proponents of the
change are able to more carefully express what they have in mind then I expect it may well be
possible to obtain consensus for some limited extension. I do not come from a position of
implacable opposition to any extension of the remit of the intelligence agencies but I do believe,
from the perspective of individual privacy and civil liberties, that any extensions must be made
cautiously and in full knowledge of the new tasks that society is intending to ask its intelligence
agencies to undertake. I believe that this particular amendment is too open-ended to give
comfort to those with concerns as to how far the change is intended to be and what the new
role will entail.
 4.7 In addition to recommending that an attempt be made, if possible, to more clearly define
what is intended in this new role I would also express some caution as to simply extending the
remit of the SIS because a problem is identified. I believe that some of the risks in relation to
actions which might undermine New Zealand's international well-being or economic well-being
can probably adequately be undertaken by other arms of the government, such as the Ministry
of Foreign Affairs and Trade or the Police, without necessarily assuming that the role is
appropriate in all respects for the SIS. Some aspects may need to be addressed by creating new
criminal offences, as has happened recently in relation to money laundering and has been
mooted for computer "hacking".

 4.8 For example, if there is a risk of someone doing significant damage to a major New
Zealand government entity or commercial enterprise such as a bank, through hacking into a
computer, then I believe this ought to be directly addressed by the criminal law and the
mandate given as appropriate to the normal policing authorities, such as the New Zealand Police
and Serious Fraud Office. Only on careful examination of that context (or other identified
contexts) would it then be possible to identify whether there remains an appropriate role for
the SIS.

 4.9 The issues that I raise are not unlike concerns that have been expressed before in relation
to the meaning of "subversion" which appears in the meaning of "security". Concern on that
point has never entirely disappeared from the minds of people concerned about the status of
liberties in this country. I believe it has always been accepted, even by ardent supporters of
intelligence agencies, that it is appropriate for society to keep their remit tightly defined given
the limited open public accountability. I believe that is why the SIS's functions were first put on a
statutory footing in 1969, why some of the safeguards recommended by Sir Guy Powles are now
included in that Act were adopted in 1977 (although the purpose of the 1977 amendments, like
this one, was also to extend the SIS's functions) and why this bill proposes new oversight and
review mechanisms.

 4.10 Australia also had a debate in relation to the term "subversion" which was also used in
their definition of "security". Some argued that the inclusion of the term enabled ASIO to
monitor and adversely record any political expression dissenting from the prevailing norm.
However, rather than judge these terms by their harshest civil liberties critics I would rather
briefly quote from the 1985 Hope Royal Commission on Australia's Security and Intelligence
Agencies which recognised dangers to political expression and concluded:

 "that there is substance in the proposal to do away, in the definition of 'security', with the
separate characterisation of activities under the heading of 'subversion'. As I previously pointed
out, subversion is not the name of any common law or statutory offence. The word has
produced much adverse reaction and may also, by its vague overtones of anti-government
activity, tend to mislead people as to the nature of the activity which ASIO is intended to
investigate."

 4.11 The Australian response to these concerns, following the Hope report was to redefine
their definition of security by omitting "subversion" and adding in new definitions substituting
precise concepts. Mr Justice Hope took the view that, in the absence of violence or foreign
interference, types of activities such as the manipulation of trade unions and other groups so as
to create industrial and commercial chaos, the manipulation of the money supply, and the
infiltration of government and other areas of constitutional power, were not the proper work of
the Security Service in the absence of violence or foreign interference. Accordingly, the
Australian Act replaced "subversion" within the definition of the word "security" two terms
which are not found in the New Zealand equivalent. These are "politically motivated violence"
and "acts of foreign interference" which are precisely defined. I am not arguing that the
Australian definition is ultimately "better" than the New Zealand one and some of the concepts
are interchangeable with the New Zealand definitions of "subversion" and "terrorism" (neither
of which appear in the Australian definition). What I am saying is that an appropriate response,
as in Australia, may be to try to more clearly articulate and define the concepts encompassed in
the meaning of "security". At least one Australian commentator has suggested that similar
moves in Australia to encompass within ASIO's remit issues relating to commercial information
may, in any case, be covered within functions conferred already to deal with foreign
interference directed towards government processes.

 5.0 Review of other issues
                5.1 There are a variety of other privacy issues which arise in relation to intelligence
               agencies. Other concerns could be raised in relation to the SIS Act. For example both the
               Canadian and Australian legislation regulate in more detail the function of vetting. This
               "privacy costly" activity is not spelt out in our legislation despite being a significant part
               of the function of the workload of the SIS. The failure to put GCSB on a statutory footing,
               given its partial exemption from the Privacy Act (not to mention other types of control
               or oversight), may be a concern. However although I may have strayed a little I have
               tried to largely keep my focus on the direct subject matter of the bill: that is, what it
               does reform rather than on issues worth reforming but on which this bill is silent.

                5.2 As there are a number of these other issues, and the institutions created by this
               bill will have a useful perspective on them, I suggest that a requirement for a review be
               incorporated into the Act. My suggestion is that the Committee be given the task, in the
               three years' time, to report on the operation of this bill and the SIS Act, and to
               recommend any amendments which may be desirable. I anticipate, from a privacy
               perspective, that two issues particularly worthy of examination are whether provisions
               for vetting should be detailed in law and whether GCSB should be put on a statutory
               footing.

B H Slane

Privacy Commissioner

26 February 1996

ATTACHMENT 1

Suggested amendments - clause by clause

This part of the report amplifies some of the comments made earlier and suggests some possible
amendments. Some of the other points made here have not been alluded to in the report but
should be self-explanatory.

Clause 2

A definition of "sensitive information" is given which is then utilised in the provisions dealing
with disclosure of information (clause 16-18). This term is modelled on the definition of
"sensitive information" which is contained in clause 4 of schedule 3 to the Intelligence Services
Act 1994 (UK). However, it should be noted that there are two significant differences in the
definition which make the category of "sensitive information" in the New Zealand bill potentially
wider than that defined in the UK Act. A broader definition may mean that more information can
be withheld from the Committee. The effect of that may be that the degree of oversight that the
Committee might be able to exercise in particular cases may be somewhat more limited than is
the case with the definition in the UK Act (although that is not necessarily to be assumed just by
the difference in definition since there are, for example, differences in the discretions that may be
exercised to release information to the respective committees). This is a matter I considered
ought to be drawn to your attention but I have no recommendation as to whether the definition
ought to be changed.

The two differences would seem to be that the New Zealand legislation will include as "sensitive
information" information which has been provided to an intelligence agency by another
department or agency of the government of New Zealand (sub paragraph ©(ii) of the definition)
whereas the UK definition will only encompass in that respect information provided by an
agency of a government of a territory outside the United Kingdom. The second notable
difference is that of the drafting of subparagraphs ©(iii) and (d)(ii). The relevant part of the UK
definition (with emphasis added) reads:

"Information provided by ... the government of a territory outside the United Kingdom where
that government does not consent to the disclosure of the information"

whereas the phrase used in the New Zealand definition is:

"Information that has been provided ... by the government of any other country ... and is
information that cannot be disclosed by the intelligence ... agency without the consent of the
government ... by which that information has been provided."

It appears to me that the UK legislation anticipates an intelligence agency being able to assert
that the foreign government "does not consent" to the release of the information, which in turn
anticipates the agency knowing what that other government's attitude is (presumably by asking
it). The New Zealand provision, on the other hand, would appear to anticipate that there is a class
of information that cannot be disclosed without the consent of another government and does not
necessarily imply that the intelligence agency actually knows what that other government would
think on a particular occasion.

Clause 13

Clause 13(7) indicates that officers from the Prime Minister's department can be appointed, with
the concurrence of the Intelligence and Security Committee, to assist in the conduct of business
of the Committee. Under subclause (8) those officers would be security cleared. However, the
Prime Minister is the Minister in charge of the SIS and therefore there is the possibility that
members of the Committee or commentators may see the staff as executive-oriented. For the
committee to be most effective it will need intelligent, independent and diligent staff to assist to
formulate the correct questions, follow through between meetings and develop a work
programme. It may also be preferable to state that such staff are not to be current or (recent)
former employees of any intelligence agency.

Clause 13 also provides that meetings may be convened "as the Prime Minister thinks necessary".
The quorum for the meeting requires the Prime Minister's presence. Accordingly, clause 13
allows the work of the committee to be stalled or never commenced if the Prime Minister
chooses not to convene meetings or is too busy to attend them sufficiently frequently. I suggest
that consideration be given to:

      a requirement to convene, say, at least two meetings every year;

enabling the convening of meetings either by the Prime Minister or by resolution of the
committee.

Clause 24

Evident in this Bill, particularly with regard to the establishment and operation of the Committee,
is a concern to recognise that oversight of intelligence agencies needs to be carried out in a non-
party political way. The Australian legislation providing for the appointment of an Inspector-
General requires the Prime Minister to consult with the Leader of the Opposition before a
recommendation is made to the Governor General for the appointment of a person as Inspector-
General. This may be a feature worthy of incorporation into clause 24.

Clause 25

Clause 25(1) enables an Inspector-General to be appointed for a term of three years and provides
that he or she may from time to time be reappointed. Given the secrecy of the work of
intelligence agencies and the confidentiality imposed on the activities of the Inspector-General it
is inevitable that some members of the public will be suspicious as to how diligent and
independent the Inspector-General will remain. Some will retain a suspicion that an Inspector-
General who has been in the position for a few years will no longer retain the detachment with
which he or she entered the position. There may be a risk that the person subconsciously absorbs
the culture of secrecy and surveillance. I suggest that it may well be appropriate to limit the
Inspector-General to a maximum of two terms. An alternative would be a longer term, say 5
years, which cannot be renewed.

Clause 30

Subclause 30(4) provides that the Inspector-General shall not inquire into the "day-to-day
operations" of an intelligence agency except to the extent "strictly necessary" for the
performance of functions under subclause 30(1). A similar limitation is placed on the Committee
in subclause 6(2). While appropriate for the Committee I question whether the restriction, which
might be considered relatively vague, is appropriate in respect of the Inspector-General. I
recommend that clause 30(4) be deleted or, at least, that the word "strictly" be omitted. Some
latitude is necessary I believe if the Inspector-General is to carry out his or her functions
effectively as the Prime Minister's assistant.

Clause 30(5)(b) provides that the Inspector-General must not conduct an enquiry in relation to a
complaint by an employee or former employee of an intelligence and security agency alleging
that he or she has been adversely affected unless "all established internal remedies have been
exhausted". While it is desirable to avoid the resources of the Inspector-General being wasted on
employee grievances which should be able to be solved internally this does present problems. It
may be harsh to deny an employee or former employee access to the external complaints
mechanism for failure to utilise some forms of internal mechanism, especially informal ones. I
suggest that consideration be given to modifying the provision in one or more of the following
ways,

      delete the word "and" at the end of subparagraph (a) and substitute "or";
      add the word "reasonable" after the word "all" in subparagraph (b);
      apply the subsection to current employees but enable former employees to complain directly to
       the Inspector-General (note that this last proposal will have limited application for some time
       anyway given clause 33).

Clause 31

I suggest that consideration be given to whether there is a need for a provision to mirror clause
31(2) to appear in the Privacy Act given that I am also under a secrecy obligation. Such a clause
may enable me to disclose information in my possession, particularly where part of an
investigation I am undertaking in relation to an access review or other complaint may partly
involve a non-privacy complaint more properly considered by the Inspector-General.
Amendment to section 55 of the Privacy Act may also be desirable, to mirror section 55(d).

Clause 37

Clause 37 is a "whistleblowing" provision prohibiting the victimisation of an employee of an
intelligence agency who brings a matter to the attention of the Inspector-General in good faith. I
support this provision but suggest that consideration be given to:

      what effect clause 30(5) will have on the provision;

the position of former employees; and

      whether the whistleblower protection should be extended to any other class of person, such as
       employees of other public sector bodies which supply information to an intelligence and
       security organisation, or some other source or former source.

Clause 41

Clause 41 enables the Inspector-General to hear evidence in private where "to do otherwise
would be likely to prejudice one or more of the interests referred to in section 45(3)(a) of the
Act". This essentially refers to security and safety interests and therefore may be availed of by an
intelligence agency to exclude a complainant when the agency is giving evidence. However, it is
hardly likely that a complainant could, under this clause, exclude an agency when giving
evidence. This is a change from the present position which applies to the proceedings of the
Commissioner of Security Appeals. In the current Act it is provided in section 20(3) that:

"In arriving at his conclusions the Commissioner shall hear separately and in private such
evidence (if any) as may be tendered by the complainant and any witnesses whom he may wish
to adduce, and shall hear separately and in private such evidence (if any) as may be tendered by
the Director and any witnesses whom he may wish to adduce."

Accordingly, while appearing neutral this provision is, in fact, one that will only really be able to
be utilised by intelligence agencies. It involves a change from the existing provision which gave
complainants the right to be heard in private without employees of intelligence agencies being
present.

The same issue was considered in Australia and in that case the Australian Government favoured
the position adopted in this bill. However, a different conclusion was drawn by the Royal
Commission into Intelligence and Security which recommended that:

"The Director General or his representative should be present when [the applicant's] evidence is
being tendered, save to the extent that the Tribunal otherwise directs in order to protect the
privacy of the appellant or a witness...".

I strongly recommend that consideration be given to modifying clause 41 to enable the Inspector-
General to hear evidence separately and in private where to do otherwise would be likely to
prejudice the privacy of an individual or the interests of justice. Note that this would still amount
to a tightening of the existing provision in favour of allowing agencies to be present when
complainants give evidence but would leave more discretion with the Inspector-General than is
allowed in the clause as drafted.

Clause 44

The provisions establishing the Inspector General's functions, powers and procedures would
seem simply to anticipate an investigative role followed by, if appropriate, a report of
conclusions and recommendations to the responsible Minister and the Chief Executive of the
intelligence agency (refer subclause 44(1)). Of course, in many cases this Ombudsman-like
arrangement will be entirely adequate to resolve complaints satisfactorily. However, given that
matters which will be handled by the Inspector General will generally not be capable of being
remitted to a regular court, or some other determinative forum, it may be desirable to give the
Inspector General some determinative functions or, if that is clearly inappropriate, some powers
to expressly recommend specific remedies like compensation. I make these suggestions bearing
in mind that the bill specifically anticipates a current or former Judge undertaking the role of
Inspector General.

The Ombudsman-type recommendation is at the weaker end of the models that could be adopted
for providing redress on complaints that are upheld. It relies upon the Minister accepting the
recommendation and, in his or her discretion, resolving it in the manner that the Inspector
General has recommended or in some other manner. The complainant is not free to take the
matter anywhere else and therefore even a successful complainant is not in a strong position.
Even in the UK, there is provision for a tribunal not simply to make a recommendation to the
Government but to actually to direct the Secretary of State to pay to the complainant a specified
sum in compensation in relation to certain complaints. In Australia, concern over how individual
staff grievances had been handled led to some employees "going public" on a ABC Four
Corners programme in February 1994. This was one of the reasons for the Australian
government established an enquiry into ASIS. Amongst the recommendations of the enquiry was
to transfer external review of staff grievances from the Inspector General to the Security Division
of the Appeals Tribunal which has a determinative power. That was seeing as having the
advantage of keeping the staff grievance review function on a more detached and judicative basis
and would provide for legally binding findings. It would also allow the Inspector General more
time for agency monitoring functions. The Australian government's preferred position was for
the Inspector General to retain the grievance function but for that to be more clearly delineated
and for the Inspector General to act in a more adjudicative manner in relation to staff grievances.
The government concluded that the Inspector General should be given a determinative power.

Clause 45

Clause 45 has its equivalent in section 20A(1) of the present Act. However, section 20A has a
safeguard in subsection (2) which does not appear to have been carried over into the bill. That
subsection provides that the Minister cannot issue a certificate which will effectively prevent the
Inspector-General from obtaining or receiving certain information (and therefore stop an
investigation) until the consultations provided for in section 20(2A) have been completed. This
appears to anticipate a Minister delaying the issue of a certificate until the Inspector-General has
consulted with the Director and they have considered all the precautions that may be necessary to
protect the secrecy of any source. Presumably, in some cases the issue of a certificate, which is a
power which should only be exercised sparingly in a free and democratic society, may turn out
not be necessary. The explanatory note to the bill gives no explanation to that change. I suggest
that there may be a case for re-enacting the same or a similar safeguard.

Clause 46

As earlier mentioned, this bill already recognises the desirability of taking steps to avoid any
suggestion of party political control of the oversight mechanisms. Clause 46, for obvious reasons,
anticipates the exclusion of material from the Inspector-General's annual report where the
publication of such matters would prejudice the security or defence of New Zealand, certain
other intelligence concerns or if the publication would endanger the safety of any persons. I note
that the equivalent provision in the Australian legislation allows a copy of the Inspector-
General's complete report (including the material which will be excluded from the published
version) to be given to the Leader of the Opposition. There is an obligation on the Leader of the
Opposition to treat as secret any part of the report that is not tabled in Parliament. I suggest that
this provision may be worthy of consideration for inclusion in clause 46.

Clause 48

Clause 48 places some restrictions on publication of information unless it has been "approved for
release (the approval being an approval given in writing after the Inspector-General had
consulted, in relation to security requirements, with the Chief Executive of the intelligence ...
agency to which the enquiry or complaint relates)." I am not sure that clause 48(1) adequately
takes account of clause 46(2)(b) which anticipates the Inspector-General including in a report a
brief description of the outcome of each enquiry. I suggest section 48 make quite clear the
freedom to publish anything that appears in a report released under section 46.

Additional clauses in Australian Act having no equivalent in the bill

As earlier mentioned, I have examined the legislation in force in the UK, Canada and Australia
as part of my examination of this bill. Each piece of national legislation has its own
characteristics and it will not be necessary or appropriate to shape our legislation in identical
terms to any of the other models. Indeed, in many small respects the provisions in this bill
relating to the Committee and the Inspector-General may be better than the models upon which
they are based. Nonetheless, I have noticed two particular provisions in the Australian Act of
interest.

The Australian legislation enables a person in custody to communicate directly with the
Inspector-General confidentially using a sealed envelope. The need to communicate privately
with independent complaints bodies has been recognised in other New Zealand legislation
dealing with closed institutions. Obviously, a person in custody who believes that he or she has
need to communicate with the Inspector-General will feel somewhat constrained if it is perceived
that any communications with the outside world are subject to surveillance by the SIS. That will
particularly be the case if the person perceives that they have been brought to their present state
through the actions of an intelligence agency. A person in custody can send a sealed letter to the
Ombudsman who could pass it on to the Inspector-General. That being the case, direct access
would seem to be appropriate.

I would also commend for consideration a power to issue guidelines to intelligence agencies,
such as is found in the Australian legislation.

Other recommendations

I suggest that information privacy principles 1, 5, 8 and 9 be extended to apply to intelligence
organisations and that a review clause be included in the legislation for some other issues to be
addressed in three years' time. I also suggest that intelligence agencies have policies to comply as
far as practicable with the information privacy principles, consistent with the requirements of
security, and for such policies to be subject to the scrutiny of the Committee and for the
Inspector-General to be able to review their implementation.



SOURCE




Private correspondence ...
"Private correspondence was the pride and joy of 14th century Italians. Exchanging letters with
commercial information had been a tried and true technique of Italian business for a century or
more. As the generations passed, these business letters increasingly became joined by purely
private correspondence ... Among educated Italians letters were seized upon as a marvellous way
of maintaining cherished family ties and friendships during periods of separation. Letters not
only maintained friendships, they enriched them. Of course the farther the letters had to travel,
the longer one had to wait, so distance slowed the epistolary dialogue ... but everyone was aware
of the difficulties. The delays only made letters more precious to those who received them, and
correspondence was composed with the slowness of transit in mind. The correspondent was kept
abreast of intimate household affairs, but they were presented in a particular way. Letters were
sometimes warmer than conversation would have been. In writing one was forced to find words
to express affection, anxiety (doubled by distance) relief, and joy, words that came less easily to
women's lips in daily intercourse owing to convention and modesty."

        Georges Duby (Ed), A History of Private Life (volume II): Revelations of the
       Medieval World, 1985/1988, pages 252-256.
        "...a husband had the right to monitor his wife's acquaintances, visits, travels and
       correspondence. At the end of the 19th century there was a major controversy over this
       issue ... . No measures were actually taken to protect the privacy of a woman's
       correspondence, and most magistrates held against women who attempted to invoke this
       right. ... One thorny question concerned the secrecy of confidential letters, which were
       not supposed to be communicated to third parties. This right of secrecy was so powerful
       that when the recipient of confidential letters died, it was accepted that the sender could
       ask that the letters be returned. The problem for judges was to determine whether or not a
       husband could be regarded as a third party."
        Michelle Perrot (Ed), A History of Private Life (volume IV): From the Fires of
       Revolution to the Great War, 1987/1990, page 171-173.


REPORT BY THE PRIVACY COMMISSIONER TO THE MINISTER OF JUSTICE ON
THE POSTAL SERVICES BILL

CONTENTS

1. INTRODUCTION 2

2. PRIVACY AND PRIVATE CORRESPONDENCE 3

3. INTERCEPTION OF PRIVATE COMMUNICATIONS 7

4. COMMENT ON CLAUSES 12

5. SUMMARY OF RECOMMENDATIONS 15
1 INTRODUCTION
    1.1 This bill consolidates and amends the Postal Services Act 1987. My interest in the
   subject primarily revolves around the fact that postal operators carry correspondence and
   postal articles which will have within them personal information about identifiable
   individuals. Letter writing has been an important aspect of private life for literate people
   for over a millennium. Since the invention of the "Penny Post" the act of writing a letter,
   sealing it in an envelope, and entrusting it to the Royal mail have been part of everyday
   life. The invention of telegrams, facsimiles, and electronic mail have not diminished the
   place of the letter and the sealed envelope as the most secure way of conveying private
   written correspondence.
    1.2 The principal purpose of the bill is to allow increased competition in postal services
   in New Zealand by removing New Zealand Post's monopoly on carrying letters at low
   cost. In examining this bill I have been mindful, as I am required under section 14 of the
   Privacy Act, of the right of government and business to achieve their objectives in an
   efficient way. The fact that generations of New Zealanders have had their private
   correspondence carried by a public body does not of itself provide a convincing reason to
   oppose private operators carrying correspondence in the future.
    1.3 Indeed, if one takes a long term historical view, there may be a good case to
   divorce governments from the carriage of the mail since they may be tempted to inspect
   the contents for political reasons. In the official history of the British Post Office it is
   noted that during Oliver Cromwell's Commonwealth there were many blatant examples
   of interference with private correspondence. Indeed, the Act of 1657, to which the Post
   Office owes its origin, recited as one of the reasons for making the post subject of
   Parliamentary enactment that they are "the best means of discovering and preventing
   many dangerous and wicked designs which have been and are daily contrived against the
   peace and welfare of this Commonwealth, the intelligence of which cannot well be
   communicated but by letter of escript". Interestingly, this comment has a present day
   echo in the debate over encryption of electronic communications. Apparently, things got
   better after the Glorious Revolution when there was less political interest in intercepting
   private communication. As The History of the Post Office put it, great improvements
   were made "when persons were appointed to run the Post Office unconnected with
   government, to lift the Post Office out of politics". The author further observed that with
   plain citizens in charge, unversed in the ways of government, there was a concentration
   on the object of managing and improving the posts of the country and to secure the
   highest possible revenue. Although the comments were penned in the late 19th Century,
   and referred to the 17th Century, they may reflect something of the case that the
   proponents for deregulation would wish to make.
    1.4 However, whatever the longer historical view, New Zealand Post's recent
   reputation has not been tarnished by any significant breach of confidentiality regarding
   personal correspondence. New entrants in the postal field may not come "ready made"
   with such a reputation. It is possible that the present situation has arisen not simply by
   operation of law but also through custom, administrative practice and ethic, established
   within New Zealand Post and its predecessor the Post Office as a public body. New
   private postal operators will need to demonstrate an impeccable ethic of respect for the
   integrity of the mail but it is the task of this bill to ensure that the law backs that up.
        1.5 In looking at this bill I have not restricted my focus to new issues which are
       introduced by deregulation. Some of the comments I will make would apply even if there
       had been no prospect of introducing private sector competition. I make these comments
       now because I have had no previous opportunity to do so since the enactment of the
       Privacy Act 1993.

2 PRIVACY AND PRIVATE CORRESPONDENCE
        2.1 In New Zealand society today we place a high value on the sanctity of private
       correspondence and the integrity of the mail system. This is now a cherished value but it
       has not always been respected in earlier times. Take for example, the British forerunner
       of our own Post Office. At times British governments abused the trust they had taken
       through imposition of a postal monopoly. Joyce in The History of the Post Office
       published in the late 19th century said:
        "Various causes have contributed to ... the distrust and hostility with which the Post
       Office appears to have been regarded towards the middle of last century. As early as 1735
       Members of Parliament had begun to complain that their letters bore evident signs of
       having been opened at the Post Office, alleging that such opening had become frequent
       and was becoming a matter of common notoriety. ... it transpired that in the Post Office
       there was a private office, an office independent of the Postmaster-General and under the
       immediate direction of the Secretary of State, which was expressly maintained for the
       purpose of opening and inspecting letters. It was pretended, indeed, that these operations
       were confined to foreign letters, but, in the matter of fact, there was no such restriction. ...
       it was in June 1742 that these shameful facts became known through the report of a
       committee of the House of Commons."

Joyce's description goes on to say:

"To ourselves it may seem strange that the monopoly of letters should have survived so terrible a
revelation. It must be remembered, however, that in the middle of last century the Post Office
owing mainly to the heavy charges it levied, had hardly become a matter of general concern, that
public opinion as we now understand it was only beginning to exist, and above all, the conditions
under which the Post Office work was done precluded the idea of privacy. These conditions were
absolutely inconsistent with the sanctity which now surrounds a letter. Letters were divided into
two classes - single or double, and to determine whether a letter was one or the other demanded a
close scrutiny, a scrutiny as which could not be exercised except by the strongest light candles
could give. ... it had been laid down that a letter however small, was to be charged double if two
or more persons joined in writing it. How could it be ascertained that the whole of a letter was in
one and the same handwriting except by prying?"

        2.2 Joyce disappointingly reports that the infamous practice identified by the
       Parliamentary committee did not end with exposure. Apparently Treasury continued to
       remit £4,000 per annum for the inquisitors. Indeed, the "Chief Decypher", Dr Willes,
       went on to become Bishop of St Davids (he was Dean of Lincoln at the time he was
       entrusted with intercepting privacy correspondence). Nonetheless, the work of that
       Parliamentary committee, and the practices it exposed, helped contribute to later reform
       of the Post Office and the attitude that is today taken towards the privacy of
       correspondence.
        2.3 Article 17 of the International Covenant on Civil and Political Rights which states:

Article 17

   1. No-one shall be subjected to arbitrary or unlawful interference with his privacy, family,
      home or correspondence, nor to unlawful attacks on his honour and reputation.
   2. Everyone has the right to the protection of the law against such interference or attacks.

Although, protecting the sanctity of mail is fundamental to the protection of privacy, there is no
direct equivalent of this right in the New Zealand Bill of Rights Act 1990. However, section 21
contains a relevant, though narrower, right that:

"Everyone has the right to be secure against unreasonable search or seizure, whether of the
person, property, or correspondence, or otherwise."

There are also provisions in a variety of other laws which give some meaning to the right not to
be subjected to arbitrary or unlawful interference with correspondence. I will mention a few of
the laws of relevance so as to put the comments which follow in this report into a legislative
context.

Postal Services Act 1987

        2.4 The Postal Services Act 1987 contains several provisions which ought to help
       ensure that no-one is subjected to unlawful or arbitrary interference with personal
       correspondence. Key provisions include:

           o   control over who may carry letters for hire or reward (presently restricted to New
               Zealand Post Limited and under this bill to be extended to other designated postal
               operators);

an offence of unlawfully opening a postal article;

allowing opening of postal articles only in circumstances circumscribed by law and subject to
careful procedures;

offences concerning the wrongful divulgence of the contents of a postal article by an official or
by any other person.

Security Intelligence Service

        2.5 The provisions in the Postal Services Act do not give the whole picture in relation
       to official mail opening as there is other legislation providing for official interception and
       opening of postal articles - notably by the Security Intelligence Service operating
       pursuant to a ministerial interception warrant.
       Opening mail before posting or after delivery
       2.6 The scope of article 17 of the International Covenant on Civil and Political Rights
      is not limited solely to the actions of postal operators. It is lawful in New Zealand in
      some circumstances for private correspondence to be intercepted and opened before it
      comes into the hands of New Zealand Post or after it has been delivered. The main
      circumstance in which this occurs is in relation to persons detained by law in institutions
      run by the State. An obvious example concerns correspondence to or from prison inmates.
       2.7 Some limits may need to be placed on the freedom of correspondence when
      individuals are incarcerated. However, it is possible that some older legislation may have
      gone unnecessarily far. I was pleased to be consulted during 1994-1996 in respect of
      regulations governing residential care facilities for children and young persons. The
      Department reviewed the regulations, taking into account the New Zealand Bill of Rights
      Act 1990 and suggestions from my office, and the resultant regulations were, in my view,
      considerably more respectful of the privacy of correspondence than those they replaced.
      Nonetheless the regulations still met the essential need to protect both the young people
      in care and members of the wider community.
       2.8 On some suitable occasion the laws which deal with such interferences with private
      correspondence should be reviewed. It may be desirable to require comparable safeguards
      in the opening of correspondence in such circumstances to those applying to postal
      operators, for instance by requiring notice of the fact of opening to be given to addressee
      and sender. It also may be appropriate to question whether powers to open mail should
      appear in regulation. The Australian Law Reform Commission considered that such
      powers should be placed in primary legislation.

Privacy Act 1993

       2.9 This short review of legal provisions relevant to the privacy of correspondence
      would not be complete without mentioning the Privacy Act itself. Information privacy
      principle 4 provides that personal information must not be collected by an agency by
      "unlawful means" or by means which "intrude to an unreasonable extent upon the
      personal affairs of the individual concerned". Although I have not had to form an opinion
      on any such cases, it is clear that the principle would be of relevance if an agency were to
      collect personal information about an individual by unlawfully opening personal
      correspondence.
       2.10 Less clear-cut, but certainly arguable, would be the case of an agency which was
      entitled to lawfully open correspondence but did so by means which were unduly
      intrusive. The principles dealing with storage, use, disclosure and retention, of personal
      information might all have some relevance to personal information obtained lawfully or
      unlawfully through the opening and reading of personal correspondence. Use of
      improperly opened mail would not only be an offence under the Postal Services Act but
      possibly a breach of information privacy principle 10.
       2.11 Section 55(a) of the Privacy Act is also relevant to postal operators. That
      provision states that nothing in principle 6 or principle 7 applies in respect of personal
      information in the course of transmission by post. This means that New Zealand Post
      would not be obliged to give an individual access to, or consider a request for correction
       in respect of, personal information about the requester contained in postal articles it is
       carrying. The absurdity and undesirability of holding otherwise would seem self-evident.

3 INTERCEPTION OF PRIVATE COMMUNICATIONS
        3.1 I have recently had cause to examine the matter of interception of private
       communications in some detail the context of interception of telecommunications. My
       concern in this bill is in relation to a far more traditional issue: the opening of private
       mail.
        3.2 As I observed in the previous part of this report, there are several statutory grounds
       for intercepting and opening private mail before it is posted, during transit, and after
       delivery. As far as I am aware, all existing powers of interception are granted to public
       officials. The novel feature of this law is that private companies may have conferred upon
       them the power to open and examine private letters.

Clauses 5 to 12

        3.3 Clauses 5 to 12 relate to the detention and examination of postal articles, and their
       disposal in any case where they are found to be in contravention, or to have been posted
       in contravention, of the provisions of the bill or certain other enactments.
        3.4 Clause 5 confers on any postal operator the power to detain, open, and examine any
       postal article that the postal operator has reason to suspect:
                 (a) has been posted in contravention of the Act; or
                 (b) is in contravention, or has been posted in contravention of the Misuse of
                Drugs Act, Antiquities Act, Trade in Endangered Species Act, Biosecurity Act, or
                the Customs and Excise Act.
        3.5 Unless to do so would be likely to prejudice any investigation into the commission
       or possible commission of an offence, or the detection or prosecution of an offence, a
       postal operator is required to give notice of its intention to open a postal article, or that a
       postal article has been opened, to the addressee (if known), or if not known, to the sender
       (if known). There are further provisions dealing with the disposal of certain items that
       have been opened.
        3.6 I accept the need for provisions such as are contained in clauses 5 to 12 in relation
       to the detention, opening and examination of postal articles. However, I am concerned as
       to whether the safeguards provided are as adequate as they might be in relation to letters
       given the very serious privacy intrusion caused by the opening and reading of private
       correspondence. I believe the ending of New Zealand Post's monopoly strengthens the
       case for enhanced safeguards as the public will expect particular reassurance concerning
       the opening of mail by a person who is not a public official.
        "Posted in contravention of the Act"
        3.7 I wonder whether the phrase "posted in contravention of the Act", found in clause
       5(1)(a), is sufficiently precise. For example, would it entitle a postal operator to open a
       letter for which insufficient postage had been affixed? I cannot be sure whether other
       postal operators will take a conservative or expansive view of the power conferred upon
       them. Although I have no statistical data, my office has been informed by the Legal
       Services Division of New Zealand Post that section 7 of the Postal Services Act 1987, the
       present equivalent to clause 5 is "rarely used".
        3.8 I recommend that consideration be given to whether a more precise formulation,
       directed towards limiting the power in clause 5(1)(a) to:

           o   breaches of the Act for which opening of postal articles is the only appropriate
               way of dealing with the issue (for instance if the sender's details are unknown);
               and
           o   breaches having a more serious character (where return of the article to the sender
               is an inadequate response).

Clause 5(2)

        3.9 Clause 5(2) sets out the process by which a detained postal article may be opened
       and examined. Three key safeguards are included:
        the article may only be opened and examined "at a postal outlet";

           o   at least two persons must be present when the article is opened and examined;
           o   one of the persons carrying out the opening and examination must be "specially
               authorised for the purpose by a postal operator".

This provision is based upon section 7(2) of the Postal Services Act 1987 but amended to place
any postal operator in the same position as New Zealand Post.

        3.10 While it seems appropriate to place other postal operators in the same position as
       New Zealand Post where there is reason to suspect that a postal article has been posted in
       contravention of the Postal Services Act, covered by clause 5(1)(a), the position is not
       quite so clear cut in respect of suspected contravention of other laws, as covered by
       clause 5(1)(b). Under the present law there will always be two public officials present at
       the opening of any postal article suspected of being in contravention of the law. Under
       this law, there will often be no public officials present and, instead, only employees of a
       private company. I raise this matter for consideration: has Parliament traditionally
       authorised the Post Office to open mail for suspected contravention of general laws
       because it is a postal operator or because it is an appropriate Crown representative?
        3.11 Depending upon the attitude taken to that issue, one could consider alternatives to
       the option promoted in this clause. For example, a model could be adopted whereby all
       openings, other than those for suspected breach of the Postal Services Act, are carried out
       by public officials from the New Zealand Customs Service, New Zealand Police or a
       postal inspectorate. An alternative would be for an employee of the postal operator to be
       required to be specially authorised for the purpose by the Crown to exercise clause 5(1)(b)
       powers. The Crown would, of course, make checks as to the person's suitability to
       exercise this power.
        3.12 The Australian Law Reform Commission examined the question of interception
       of the mail in 1983. It concluded that there was no compelling reason to empower
       Australia Post officials to open mail for general law enforcement purposes. It observed
that general law enforcement should be left to the Australian Federal Police and Australia
Post officers should not be de facto policemen.
 Clause 5(3)
 3.13 An important safeguard is contained in subclause (3) of clause 5. This continues
the existing law that where a postal article is intended to be opened, or has been opened,
the postal operator must give notice to that effect to the addressee if known, or if not
known, to the sender of the postal article if known. I recommend consideration be given
to obliging the postal operator to give notice to both the sender and the recipient. Giving
notice to the addressee is valuable as it explains why the wrapping material appears to
have been breached. It will assure the addressee that some other third party has interfered
with his or her mail. However, if the postal article which has been opened is private
correspondence it may be argued that the sender's privacy has been invaded at least as
much as the recipient.
 3.14 I also suggest that the notice be required to give the general reason for the opening
and examination. The equivalent provision in Australia requires such a notice to "explain
briefly (by reference to a provision of this Division or otherwise) the purpose for which
the article was opened. Accordingly, I recommend that consideration be given to
amending subclause 5(3) to give notice to both the addressee, if known, and the sender, if
known of both the fact of opening and the reason for doing so.
 Clause 5(4)
 3.15 Notice given under subclause 5(3) is an extremely valuable privacy safeguard. In
my report in relation to the Harassment and Criminal Associations Bill, I noted that
notification to the individual whose private telecommunications had been intercepted was
a strong safeguard present in the interception regimes of Canada, Germany and the USA.
However, this safeguard may be dispensed in this bill under subclause (4) where the
postal operator believes, on reasonable grounds, that the giving of the notice, or the
giving of the notice at the particular time, would be likely to prejudice an investigation
into the commission or possible commission of an offence against the Postal Services Act
or any other enactment, or the detection or prosecution of any such offence.
 3.16 I acknowledge that a provision along the lines of subclause (4) will be necessary
where there is an ongoing investigation. Similar provision exists in the Privacy Act to
protect the maintenance of the law in such circumstances. However, I am concerned that
the subsection may permit permanent dispensing with notice in circumstances where
there need only be postponement in giving notice. It should be possible to amend
subclause (4) so as to oblige a postal operator to give notice at a later time when the
giving of the notice at the particular time would be likely to prejudice an investigation.
 3.17 Consideration may have to be given to whether such an amendment need deal
differently with notices in relation to the opening of the postal articles for suspected
contravention of the Postal Services Act and the opening of articles in relation to the
other types of offences set out in paragraph 5(1)(b). There should be no difficulty in
obliging the postal operator to give delayed notice in respect of a suspected breach of the
Postal Services Act. It may be a little more problematic where the suspected offending is
in relation to one of the other enactments and where the investigation is not being carried
out by the postal operator but by a separate law enforcement agency. To give effect to my
recommendation it may be necessary to place the obligation to give delayed notification
upon the law enforcement agency in such circumstances.
       3.18 Accordingly, I recommend that clause 5(4) be amended to require notification to
      be given to the addressee and sender at the next suitable opportunity in circumstances
      where immediate notification at the particular time would be likely to prejudice an
      investigation into the commission or possible commission of an offence.

Public reporting

       3.19 My next concern about the powers to open and inspect postal articles is the lack of
      public reporting in respect of the exercise of the power. The comments I made in relation
      to the annual reporting requirements placed on the Commissioner of Police in respect of
      interception of private communications may be apt here. In my report on the Harassment
      and Criminal Associations Bill I stated:
       "The requirement on the Commissioner of Police to report certain details in relation to
      the interception of private communications is, in my view, a safeguard of fundamental
      importance. Intercepting communications for law enforcement purposes necessarily must
      be kept secret at the time but the process generally ought to be as transparent as possible
      because the Police are accountable to Parliament for the exercise of the power. Reporting
      is a requirement which tries to tip the balance away from totally secret surveillance into
      an open and democratically accountable use of limited covert surveillance. In evidence to
      the select committee studying the Intelligence and Security Agencies Bill I endorsed a
      quotation appearing in ASIO's Annual Report, that 'when every detail is given, the mind
      rests satisfied'. I believe that comment is pertinent here."
       3.20 New Zealand Post has never been required to report specifically on exercise of the
      power to intercept private communications. In my view, reporting to Parliament is an
      important safeguard in respect of the exercise for extraordinary powers to intercept
      private communications and this ought to be put right.
       3.21 Other postal operators do not report directly to Parliament. They will be
      empowered to open and inspect the contents of private correspondence and yet this bill
      requires no reporting on the exercise of that power to Parliament or any public official. In
      my view, the novelty of empowering a private body to open private communications is
      such that we must take considerable care to ensure adequate safeguards. I believe that
      there ought to be an obligation to record the circumstances of each opening and to
      periodically report publicly as to the numbers of times that the power is utilised and the
      general reasons for doing so. This may provide some reassurance to the public that the
      power is not being used excessively. It will also give some basis to judge whether the
      new postal operators are exercising the power consistently with the approach of New
      Zealand Post. This is relevant to ensuring that, in terms of article 17 of the International
      Covenant on Civil and Political Rights, the exercise of the powers are neither "unlawful"
      nor "arbitrary".
       3.22 A mechanism does exist in the bill whereby reporting obligations could imposed.
      Clause 34 obliges New Zealand Post to provide certain information to the Chief
      Executive of the department responsible for administering the Postal Services Act and
      regulations can be prescribed under clause 38 requiring certain information to be supplied
      by designated postal operators. In my view, those two provisions could be suitably
      amended to require the reporting of relevant details to the department administering the
      Act. The bill could be further amended to oblige that department to report annually to
      Parliament as to the exercise of the power by New Zealand Post and each designated
      postal operator.

4 COMMENT ON CLAUSES
Detention and examination of postal articles - clause 5

       4.1 Clause 5 is entitled "detention of postal articles". In fact, it deals not with simply
      "detention" of postal articles but also the "opening and examination" of those articles.
      None of the later clauses deal with the opening of postal articles. Accordingly, I suggest
      that the clause be given a new marginal note to read "detention and opening of postal
      articles".

General obligations relating to postal articles - clause 13

       4.2 Clause 13 obliges anyone who comes into the possession of a postal article which
      has not been delivered, to deliver that article to:

         o   the addressee; or
         o   any postal operator.

               Failure to do so is an offence. This provision continues existing law and
              accords with the general expectation that if a letter or postal article is
              misdelivered, that the recipient must put it back into a public letterbox for
              redelivery or return to the sender.
       4.3 The recipient of the misdelivered article has the option of delivering it to the
      addressee (for example, if the correct addressee is a neighbour). However, the offence
      provision fails to take account of the possibility that the recipient of the misdirected
      article might choose, in an attempt to be helpful, to physically return the article to the
      sender. No doubt this is less common than delivering the article directly to the addressee,
      since sender and addressee are likely to be some distance apart, but the circumstance is
      not impossible to imagine. In my view, the section should be amended to accord with
      reasonable practice by a member of the public in this circumstance by adding a new
      paragraph (1)© referring to "the sender". Naturally this will be only feasible if the
      identity of the sender is apparent from the outside of the postal article since it would be
      an offence for a member of the public to open it. If there would be any doubt on the
      subject, the new paragraph could instead read something like "the sender (if ascertainable
      from the exterior of the postal article)".

Addresses of rural delivery boxholders - clause 25

       4.4 Clause 25 provides that every postal operator must, where practicable make
      available publicly the addresses of every rural delivery boxholder to whom that postal
      operator provides postal collection and delivery services. Any such boxholder may direct
      the postal operator not to make the boxholder's address available publicly. The rational
     for the clause is, I understand, to recognise that people in remote locations could be
     isolated and to ensure that their addresses could be found.
      4.5 Although there may well be merit in rural people choosing to have their boxholder
     details made available publicly, I have concern as to the way the law is drafted. In
     particular, this bill provides that a rural boxholder's details will be made available unless
     that person takes some action to have those details withheld. A position which would be
     more respectful of these people's privacy would be to retain the information between
     postal operator and customer as a private matter unless the individual chooses to have the
     details released. In other words, the directory of boxholders would become something
     that rural people could choose to opt into rather than something that they would appear in
     unless they exercise their statutory right to opt out.
      4.6 To meet these concerns, the statutory provision could be altered or it could be
     omitted altogether. If the provision were to be deleted in its entirety this would leave the
     matter to the normal operation of law. The two laws of relevance would be the Privacy
     Act 1993 and the law of contract. Under both types of law it would be necessary for the
     postal operator to explain how customer details would be dealt with. As with private
     boxes that New Zealand Post operates in the city, it is quite likely that postal operators
     which are respectful of their customer's privacy would leave it to the customer to choose
     whether they wished to go into a directory or not.
      4.7 However, it may be desirable to leave a provision in the Act dealing with the
     subject for other reasons notwithstanding that the general law would probably provide a
     satisfactory outcome. Rural people may be concerned that in the absence of a provision
     such as clause 25, that a postal operator might choose not to produce a public list of rural
     delivery boxholders at all.
      4.8 If clause 25 is retained I suggest that the presumption should be that details not be
     published unless the boxholder opts to be included in a directory - the position that
     applies with private boxes.

Clause 38 -Regulations

      4.9 Clause 38(e)(i) allows for regulations to prescribe rules and procedures to be
     followed by postal operators relating to the exchange of information relating to the
     addresses of customers. It appears that the regulation making powers are intended only to
     provide a formal backup in the event that agreements cannot be negotiated between the
     various postal operators. I simply observe in this context that there will be information
     privacy issues in respect of the exchanges of lists of "customers" between postal
     operators. Indeed, one might even say that every single New Zealander is a "customer" of
     the New Zealand Post given its present monopoly (and on-going monopoly on deliveries
     of international mail). I trust that privacy issues will be taken into account when postal
     operators are negotiating agreements, and later if regulations become necessary. For
     example, individuals should be made aware of what is to happen to that personal
     information if they notify a change of address to New Zealand Post. Also, addresses
     exchanged for interconnection should be used for that purpose and not as a resource to
     mine for direct marketing. I expect that notification of changes of address could quite
     properly be used for updating or cleansing mailing lists but such lists should not, in my
      view, be sold as mailing lists themselves unless the individuals concerned have consented
      to this.

5 SUMMARY OF RECOMMENDATIONS
       5.1 The marginal note to clause 5 should refer to "opening" of postal articles.
       5.2 Postal operators should be obliged under clause 5 to keep a record of the exercise
      of powers of detention, opening and inspection.
       5.3 Consideration should be given to amending clause 5(1)(a) to more precisely state
      what the phrase "posted in contravention of the Act" means, with the intention that the
      focus be on the breaches of the Act having a more serious character and in respect of
      which opening and inspection is the only appropriate way of proceeding.
       5.4 I recommend that clause 5(3) be amended to:
               (a) require notice to be given to both the addressee, if known, and the sender, if
              known; and
               (b) require the notice to refer not simply to the fact of opening but the reason
              for doing so.
       5.5 I recommend that consideration be given to whether it is appropriate for employees
      of private companies to be involved in the opening and examination of mail pursuant to
      clause 5(1)(b) for general law enforcement purposes and that consideration be given to
      the alternatives whereby public officials carry out that task.
       5.6 Consideration should be given to whether the Act, or regulations to be made under
      the Act, can seek to ensure that persons authorised pursuant to clause 5(2) are of good
      character and receive appropriate training for the very serious task of opening private
      mail.
       5.7 I recommend that clause 5(4) require notification to be given to the addressee and
      sender at the next suitable opportunity in circumstances where immediate notification
      would be likely to prejudice an investigation.
       5.8 I recommend that clauses 34 and 38 be amended to require information concerning
      the exercise of powers of opening and inspecting postal articles to be reported directly to
      Parliament or through the Ministry of Commerce.
       5.9 Clause 13 should provide a defence where a person personally delivers back to the
      sender an article received in error.
       5.10 I recommend that clause 25 be amended to give rural boxholders the opportunity
      to choose to opt into having their personal details published rather than obliging them to
      opt out of having those details published if they object.
       5.11 In considering any procedures for the exchange of information relating to the
      addresses of customers, including the making of any regulations under clause 38(e),
      careful consideration should be given to the privacy implications.
       5.12 Although not the subject of this bill, consideration should be given at an
      appropriate time, to reviewing laws which provide for the opening of mail before or after
      it has entered the postal system so as to provide adequate safeguards to ensure privacy of
      correspondence.

B H Slane
Privacy Commissioner

24 June 1997



RADIOCOMMUNICATIONS AMENDMENT BILL

1. Introduction

1.1. This bill makes a variety of amendments to the Radiocommunications Act 1989. I wish to
comment solely on:

        the register of radio frequencies; and

        the offence to disclose contents of radiocommunications.

1.2. I provided a submission to the Ministry of Commerce in relation to its discussion paper on
the registers of radio frequencies in 1995. Subsequently, my office was consulted by the Ministry
in respect of the two issues mentioned above. I largely support the approach taken to the issues in
the bill.

2. Register of radio frequencies

2.1. The Ministry of Commerce currently maintains two databases. The National Frequency
Register (NFR) and the Register of Radio Frequencies (RRF). It is only the RRF which is
currently recognised in the statute and comes with an express statutory right of public search.
The NFR, which has information in relation to radio licences, is not expressly recognised in the
statute and no special right for public search exists (although information can be sought pursuant
to the Official Information Act 1982). The bill will put both registers on the same statutory
footing and spell out how the registers are to be maintained and public access given.

2.2. I generally support the approach that the Ministry has taken to reforming the law relating to
these two registers. Some key features, which I will comment upon, include:

        specifying the purpose for which the register is kept (clause 3);

        specifying the search references for searching the register (clause 11);

        outlining the purpose for which the register may be searched (clause 11);

        protecting the residential addresses of natural persons (clause 11).

2.3. The bill's main shortcoming in my view is that it does not provide that sections 5 and 28 of
the Radiocommunications Act 1989 are to be listed in the Second Schedule to the Privacy Act as
a "public register provisions". I maintain that it should and will comment upon this issue first.
Public register provision

2.4. When the Privacy Act was passed in 1993 there was no time to survey all the provisions in
statute or regulations establishing registers and therefore only a partial list of "public register
provisions" presently appears in the Second Schedule. The Second Schedule is mainly a list of
public registers maintained by the (then) Justice Department with a small number of other
important registers, such as the motor vehicle register.

2.5. In the years since the enactment of the Privacy Act I have scrutinised bills which created
new registers or which continued existing ones. My office has raised with the departments
concerned the issue of whether they should now be identified as "public registers" for the
purposes of the Privacy Act. A number of registers have been added to the schedule in that way.
As part of this ongoing process I consulted with the Ministry of Commerce in respect of the
proposal to re-enact the provisions dealing with the RRF, and to add the NFR, and have formed
the view that the provision should be listed as a public register provision. I understand that the
Ministry of Commerce broadly accepts this but needed a little longer to consider the matter.
Therefore the bill was introduced without expressly providing for the register to be listed as a
public register provision but the Ministry indicated to my office that it would complete its
consideration of the issue.

2.6. If section 5 of the Act is listed as a "public register provision" in the Second Schedule to the
Privacy Act there will be several consequences:

        the register will become a "public register" for the purposes of the Privacy Act;

        the register will be subject to the public register privacy principles;

        the information on the register will continue, as now, to be subject to the information privacy
       principles but the registrar in administering the register will only be required to comply "as far
       as is reasonably practicable";

        information on the public register will clearly have the status of "publicly available
       information" and therefore certain exceptions to information privacy principles 2, 10 and 11 will
       be available;

        the suppression regime contained in part V of the Domestic Violence Act 1995 may become
       available in respect of the register.

2.7. This register has all the characteristics of a "public register". I recommend that sections 5
and 28 of the Radiocommunications Act should be added to the Second Schedule to the Privacy
Act as public register provisions.

Purpose of register

2.8. Currently section 5 of the Radiocommunications Act states:
        "5. Register of radio frequencies - The Registrar shall establish and maintain a register of
       radio frequencies."

2.9. The bill will amend this to read:

        "5. Register of radio frequencies - The Registrar must establish and maintain a register for the
       purposes of maintaining records of interests or uses relating to radio frequencies."

2.10. I support the inclusion of a statement of purpose in regard to the register. Legislation
governing many existing public registers gives little indication as to why Parliament established
them. This can make it difficult for the agencies which administer public registers, and others
interested in the issues such as myself, to assess the case for new public or private uses of the
information contained on the register. A key privacy concern in any processing of personal
information is that the individual concerned be made aware of the purpose of collection and that
the information subsequently be used only for such purposes or directly related purposes (subject
to certain limited exceptions). Public registers carry particular risks in this regard since they
involve bulk holdings of systematically organised information on a large number of people and
this makes the information particularly attractive to officials and others to think up new uses for
the information.

2.11. There are two places in a statutory register scheme at which the question of "purpose" may
be relevant. The first is the purpose of establishing a statutory register at all. This relates to the
objectives of the legislation and the official reason related to the administration of the legislation
that require the creation of a register. The second is the purpose for giving a right to search to
people other than officials. It may be that the statement of purpose in section 5 can be improved
upon since at present it says relatively little. However, the bill gives further guidance as to
purpose in clause 11 in the second context.

2.12. Sometimes the purpose for which public search rights are conferred will be obvious from
the context, or can be derived from the statement of purpose set out for establishing the register.
However, I am aware of cases - particularly with older registers - where officials maintaining
registers are perplexed as to the reason why Parliament ever created a right to search the register.
In this bill clause 11, which substitutes a new section 28 into the Act, makes the purpose clear by
providing that subject to conditions any person may have access to the register:

        "For the purpose of determining whether or not any radio frequency is subject to a record of
       management rights, a spectrum licence, or a radio licence, and determining the identity of the
       owner of a management right, a right holder, or the holder of a radio licence."

2.13. This guidance as to purpose is further elaborated upon through a process which can provide
additional flexibility and straightforward application of the regime. That is provided for in
proposed section 28(4) which provides that information may be disclosed:

        "To the persons or classes of persons prescribed in regulations made under this Act for the
       purposes prescribed in those regulations."
2.14. I understand, for example, that it is contemplated that regulations would be issued giving
registered radio engineers freer access to certain information due to a "need to know" such
information in terms of their job.

Search references

2.15. One of the key privacy safeguards in the public register privacy principles relates to search
references. Public register privacy principle 1 provides:

"Principle 1

Search references

Personal information shall be made available from a public register only by search references
that are consistent with the manner in which the register is indexed or organised."

2.16. Principle 1 will be directly applicable to the register if sections 5 and 28 are added to the Second Schedule of
the Privacy Act. If it is not then the principle still provides a guide as to how one might consider the privacy issues
in relation to the statutory registers which are open to search.

2.17. To obtain information from a public register a search will normally quote a search
reference. Search references are essentially required for ease of administration. Typically
registers were originally maintained in a register book or in filing cabinets, consistent with a
logical ordering. Search references naturally flowed from the subject matter of the register or
from the way it was organised. Search reference may help ensure protection of privacy in a
pragmatic way. Someone who can quote the reference may well have some sort of business
seeing the file and could be shown the records.

2.18. Settling upon the appropriate search references is an important part of the task for
addressing public register privacy issues. In the context of creating a new register, or changing
the nature of an existing one, it requires consideration of which search references are believed to
be appropriate for the new or changed register. The issue has become particularly important in
the electronic age with registers often held on a computer database without the physical
constraints of filing systems and books. Since the physical constraints will not protect privacy,
the legal constraints have heightened importance. Accordingly, I have encouraged departments
who have created public registers over the last four years to consider expressly setting out the
search references in legislation.

2.19. In this case, clause 11 inserts a proposed section 28(2) which states that:

"The register must be so arranged that it may be searched by:

          reference number; or

          frequency band or frequency within a frequency band; or

          any other search reference specified in regulations made under this Act."
2.20. It is anticipated that the first two categories of search references will meet all legitimate
needs. However paragraph (c) provides a further degree of flexibility. I have supported this
approach in this and other legislation since there may sometimes be a case to change or enlarge
the types of search references and this need not always be to the detriment of privacy. The
creation of additional search references by regulation would need to be done with the purpose of
the register in mind. In terms of the processes for seeking authority to make regulations, the
Cabinet Office Manual require compliance with privacy principles to be indicated. By changing
the references by regulation, rather than administratively, the process and outcome are controlled
and transparent.

        Withholding of residential addresses

2.21. It is proposed that the new section 28(3)(a) of the Act will provide:

"The registrar must not disclose, otherwise than in accordance with this section:

        without the authority of the manager, right holder, or holder of a radio licence any
       information that will identify, or assist a person to identify, the residential address of any
       manager, right holder, or holder of a radio licence where that manager, right holder, or hold of a
       radio licence is a natural person."

2.22. The issue primarily arises in relation to the new information to be added to the RRF about
radio licence holders, primarily those generally known as "amateur radio operators". I understand
that the process to be adopted will provide on the annual licence application, or renewal, form for
the individual to authorise, if they so wish, the release of details of their residential address. This
is a privacy sensitive arrangement which involves the disclosure of residential address only if the
individual choose to "opt in" to that arrangement.

2.23. The issue tends to arise in relation to private organisations representing amateur radio
operators which wish to publish directories not only of their members but of all licensed radio
operators in their relevant districts. These directories are widely used in the amateur radio
community, for example to facilitate the exchange of "QSL" greeting cards.

2.24. I am confident that the process that is proposed will lead to a satisfactory resolution of the
issue and indeed a freer flow of information to these associations than has been the case over
recent years. The arrangements contemplated under section 28(3) involve, I understand,
disclosure of:

        all licence numbers (including periodic updates of issued and revoked numbers); and

        the addresses of all licence holders who authorise the release of their residential address.

2.25. The matter has involved not simply a consideration of the law but also some practical
matters of implementation. Apparently, the present computer system used for administering
radio licences could not satisfactorily cope with distinguishing between individuals who
authorise or decline to release their residential address. The changes anticipated by this bill will
coincide with an upgrading of the computer system thereby enabling smooth implementation of
the proposed arrangement.

3. Offence to disclose contents of radiocommunications - clause 43

Introduction

3.1. Clause 43 inserts a new section 133A in the principal Act. This new section makes it an
offence to make use of, to reproduce or to cause or permit to be reproduced, or to disclose the
existence of, a radiocommunication where the communication was not intended for the recipient.
There are exceptions to the prohibition contained in the section which primarily revolve around
use, reproduction, or disclosure:

by the Secretary of Commerce for the purpose of ensuring compliance with the
Radiocommunications Act;

by law enforcement officials for the purposes of avoiding prejudice to the maintenance of the
law;

by officers of the SIS or GCSB for the purposes of obtaining intelligence or foreign intelligence;

by the New Zealand Defence Force for defence purposes;

by persons acting under authorities listed in four specific statutes.

3.2. The clause is intended to strengthen the provisions relating to the privacy of
radiocommunications and I support the measure. In the balance of this report I will comment
upon aspects of the background and effect of the provision.

3.3. Although the provision will appear in the Radiocommunications Act for the first time it does
continue a provision which already exists currently in the Radiocommunications Regulations
1987. Clause 28 of the regulations states:

"Privacy of radiocommunications - Except as may be authorised under these regulations or
under any licence granted pursuant to these regulations, no person who receives any
radiocommunications not intended for that person shall:

make use of the radiocommunication or any information derived therefrom;

reproduce or cause or permit to be reproduced the radiocommunication or information derived
therefrom;

disclose the fact of the existence of the radiocommunication."

The Longworth Report
3.4. It will be noted that subsection (1) of the proposed section 133A is almost identical to this regulation. The origin
of the proposal to remove that regulation and place it in the statute can be found in the Ministry of Commerce 1992
report Telecommunications and Privacy Issues ("the Longworth Report).

3.5. Amongst other things, the Longworth Report discussed privacy expectations in relation to a
variety of radiocommunications. The report noted, for example, that the public is not generally
aware of the interceptability of cellular conversations and therefore conduct communications
with some sensitivity on them. While most radiocommunications are public with little
expectation of privacy, there are certain specific applications of the technology, linked to the use
of the telephone, where there is a reasonable expectation of privacy. The main example would be
the ubiquitous cellphone which is treated by most users as equivalent to an ordinary telephone.
Calls lodged through the telephone system to ships through the INMARSAT service has similar
"private" qualities. I am concerned to see the privacy of such communications protected.

3.6. The report also noted that the casual interception of cellular conversations may occur
unintentionally. The Crimes Act criminalises only the intentional interception of private oral
communication, which may include cellphones, through listening devices. The Crimes Act does
not address the problem of unintentional interception of cellular networks. Regulation 24 is
discussed in this context as a way of addressing the privacy issues in unintentional interception
with the solution being to prohibit the use, reproduction and disclosure of radiocommunications
not intended for that person. The report suggests that the provision should be reviewed so as to
give it more prominence rather than burying it in the "relatively obscure regulations".

3.7. Regulation 24, and the replacement statutory provision, seems to me to play a valuable role
in respect of protecting privacy in this area of radiocommunications and telecommunications. It
especially fills a void where the interception of private communications is unintentional or
claimed to be so.

3.8. Moving the provision into the Act meant that it is necessary to consider what would
constitute an appropriate sanction for breach of the provision. The regulation contained no
express sanction. The creation of a statutory offence is the obvious response and I support it.

Exceptions to the general prohibition

3.9. In developing the statutory provision it was considered necessary to spell out the situations
where it is permissible for a person to make use of radiocommunications not intended for that
person. An example might be in the context of a police raid on a drug gang's operation carried
out in a bush area. The police might monitor the gang's radiocommunications prior to moving in
on foot and by helicopter. Another example is the use of information derived from interceptions
of cellular telephones pursuant to a statutory warrant. These uses were not previously spelt out in
the existing regulations.

3.10. Bearing in mind the important public interest which compete with privacy, I consider that it
is reasonable to write exceptions into the statutory prohibition contained in the new section 133A
notwithstanding that there were no exceptions to the prohibition contained in the existing
regulation. In noting the reasonableness of the exceptions I particularly observe that each of the
exceptions in subsection (2) to section 133A restricts both the persons to whom each exception
applies and the purpose for which exceptional use, reproduction or disclosure, may be made.

3.11. Subsection (4) makes it clear that subsection (2) does not authorise the interception of
private communications within the meaning of section 216A of the Crimes Act 1961 without an
interception warrant. It is essential in my view that the general prohibition on intentional
interception of private communications remain, but where law enforcement interception of
private communications involving radiocommunications occurs (i.e. primarily involving cellular
telephones) that this should be done only pursuant to an interception warrant.

4. Conclusions

Register

4.1. In my view, the legislation has met the challenge of reconciling the generally public nature
of statutory registers with expectations of privacy in a positive and practical way. In terms of the
main block of personal information being added to the register open to public search, that is
information about amateur radio licence holders, I am satisfied from discussions with the
Ministry that the new statutory regime will provide a more satisfactory basis for protecting
privacy and additionally enable a generally freer flow of authorised information to the NZ
Association of Radio Transmitters Inc and similar clubs and societies. My one recommendation
is that sections 5 and 28 be added to the Second Schedule of the Privacy Act as public register
provisions.

Offence to disclose contents of radiocommunication

4.2. I support the approach of clause 43 to implement the Longworth Report by moving the
existing prohibition from the regulations to the Act, together with the creation of an offence with
appropriate exceptions.

B H Slane

Privacy Commissioner

19 January 1998




New Zealand Executive Government News Release Archive



18 June, 1997
                                   Prime Minister, Jim Bolger


  Release of Report on Action Undertaken by
   the Security Intelligence Service for the
          Social Welfare Department
Prime Minister Jim Bolger today released the report of the Inspector-General of Intelligence and
Security (Hon Justice Greig) on his inquiry into the propriety of the action undertaken by the
New Zealand Security Intelligence Service for the Department of Social Welfare.

In his report, Justice Greig said that he was satisfied both of the lawfulness and propriety of the
actions and the conduct of the New Zealand Security Intelligence Service and the Government
Communications Security Bureau.

Mr Bolger said he had asked the Inspector-General to conduct an inquiry, following several
expressions of public concern in late 1996, including correspondence from a Member of
Parliament.

"The report speaks for itself. I trust those who expressed concern at the time will be reassured by
the Inspector-General's findings," Mr Bolger said.

ENDS

For more information:
Anna Kominik
phone 4719 425



New Zealand Executive Government News Release Archive



Wednesday, 8 April 1998

                               Hon Jenny Shipley, Prime Minister


      PM WELCOMES MYTH-BREAKING
              BOOKLET
Prime Minister Jenny Shipley today welcomed the release of a booklet designed to dispel some
myths about the New Zealand Security Intelligence Service.

"One of the hallmarks of a democracy is its capacity to embrace heated debate and legitimate
dissent. However, a democracy must also protect itself against activities designed to undermine
the very principles upon which it is founded.

"A key part of that protection is a well run, fully accountable and ethical organisation responsible
for security. In New Zealand, that organisation is the New Zealand Security Intelligence
Service," Mrs Shipley said.

"I'm very keen New Zealanders have every confidence in the Service." She congratulated the
Service for taking a positive step in helping New Zealanders better understand its role and the
part it played in preserving the country's own unique brand of democracy.

Mrs Shipley said that, as Minister in Charge of the Security Intelligence Service, she understood
and supported the Service's long-standing policy of not disclosing the detail of security
intelligence operations.

"Unfortunately, this factor has helped to promote a 'cloak and dagger' mythology about the
Service.

"However, there is a distinction between operational detail and wider issues about the Service -
why we have it, to whom it reports and what checks and balances are in place to make sure it
operates within the limits imposed by Parliament.

"As taxpayers who fund the Service and as citizens of a democracy, all New Zealanders should
be properly informed about these wider issues.

"There are no sensational revelations contained in the publication. The Service will be seen for
what it is - a part of the public service doing a necessary and valuable job for all New Zealanders
and fully accountable to me, as the Minister in Charge of the Service, and to our Parliament,"
Mrs Shipley said.

ENDS

For further information:
Janice Rodenburg 04-4719-113 025-433-760
Anna Kominik 04-4719-425 025-426-757



http://www.fas.org/irp/world/new_zealand/docs/index.html

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:7
posted:1/24/2013
language:Unknown
pages:61